
SYSTEM NETWORK ADMINISTRATIONS GOALS and TIPS

1.
For More : https://www.ThesisScientist.com
UNIT 2
NETWORK ADMINISTRATION
Network administration means the management of network infrastructure devices (routers and switches). Network administration is also the management of the PCs in a network.
Goal of network administration:
- The goal of network administration is to ensure that the users of the network receive the information and technical services with the quality of service they expect.
- Network administration means the management of network infrastructure devices (such as routers and switches).
- Network administration comprises three major groups:
1. Network provisioning
2. Network operations
3. Network maintenance
Network provisioning: the primary responsibility of the engineering group; it consists of the planning and design of the network, which is done by engineers.
Network operations: consists of fault, configuration, traffic and all other types of management, and is done by the plant facilities group. It is the nerve center of network management operations.
Network maintenance: consists of all types of installation and maintenance work.

Content:
Addressing and Subnetting: Fixed vs Variable Masks
Internet Architecture and IP Addresses
Introduction to the TCP/IP Internet
- Internet Architecture
  - Physical network: computers on the same physical network are physically connected.
  - Computers on different physical networks are not physically connected.
  - IP router (or IP gateway): dedicated systems that connect two or more networks.
  - Host: end-user system. It connects to physical networks, and there are possibly many hosts per network.

- The two views of a TCP/IP Internet
- Packet Transmission
  - Source host:
    - If the destination is on the same physical network, deliver it directly.
    - Otherwise, send it to a router.
  - Intermediate routers:
    - The destination is not on the same physical network, so forward the packet to another router.
  - Final router:
    - The destination is physically connected to this final router, so send the packet directly to the destination.
- How do routers work?
  - Routers need to find the right routes when forwarding packets.
  - A router's decision is based on the routing information it has.
  - Routing table: keyed by destination network, not destination host; otherwise the table would be huge.

IP Address
- Overview
  - An IP address is an identifier used in the network layer of the Internet model to identify each device connected to the Internet.
  - 32-bit binary value
  - Unique value assigned to each host
  - Values chosen to make routing efficient
- Dotted decimal notation:
  - Binary: 10000000 11100110 00000001 00001100
  - Dotted decimal notation: 128.230.1.12
The IP address consists of a pair of numbers:
IP address = <network number><host number>
The network number portion of the IP address is administered by one of three Regional Internet Registries (RIRs):
- American Registry for Internet Numbers (ARIN): responsible for the administration and registration of Internet Protocol (IP) numbers for North America, South America, the Caribbean, and sub-Saharan Africa.
- Réseaux IP Européens (RIPE): responsible for the administration and registration of Internet Protocol (IP) numbers for Europe, the Middle East, and parts of Africa.
- Asia Pacific Network Information Centre (APNIC): responsible for the administration and registration of Internet Protocol (IP) numbers within the Asia Pacific region.
The division of an IP address into two parts also separates the responsibility for selecting
the complete IP address. The network number portion of the address is assigned by the
RIRs. The host number portion is assigned by the authority controlling the network. As
shown in the next section, the host number can be further subdivided: This division is
controlled by the authority that manages the network. It is not controlled by the RIRs.
- Classful Addressing Scheme (the original scheme; it didn't last long)
  - In this scheme the address space is divided into 5 classes, as shown below.
The classes above support unicast addressing.

- Properties of the classful addressing scheme
  - Addresses are self-identifying: the boundary between netid and hostid can be read from the address itself. This benefits routing because routing table entries are keyed mainly by netid, not by the entire IP address.
- Class A:
  - Range of the first octet: 1-126
  - 1st bit is always 0
  - Range of network numbers: 1.0.0.0 to 126.0.0.0
  - Number of possible networks is 127; of these, 1-126 are used, while 0 and 127 are not used.
  - Number of possible values in the host portion is 16,777,216 (256*256*256)
  - Advantages: used for large networks
  - Disadvantages: millions of class A addresses are wasted.
- Class B:
  - Range of the first octet: 128-191
  - First two bits are always 10
  - Range of network numbers: 128.0.0.0 to 191.255.0.0
  - Number of possible networks: 16,384 blocks (64*256)
  - Number of possible values in the host portion is 65,536 (256*256)
  - Advantages: used for mid-size networks
  - Disadvantages: many class B addresses are wasted.
- Class C:
  - Range of the first octet: 192-223
  - First three bits are always 110
  - Range of network numbers: 192.0.0.0 to 223.255.255.0
  - Number of possible networks: 2,097,152 blocks (32*256*256)
  - Number of possible values in the host portion is 256
  - Advantages: used for small networks
  - Disadvantages: the number of addresses in a class C block is smaller than the needs of most organizations.

- Class D:
  - Range of the first octet: 224-239
  - First four bits are always 1110
  - Range of network numbers: 224.0.0.0 to 239.255.255.255
  - It is used for multicast.
- Class E:
  - Range of the first octet: 240-255
  - First five bits are always 11110
  - Range of network numbers: 240.0.0.0 to 255.255.255.254
  - It is used for research purposes.
PROBLEMS OF CLASSFUL ADDRESSING SCHEMES:
In the classful addressing scheme each class is divided into a fixed number of blocks, where each block has a fixed size.
CLASS A:
Total: 128 blocks
1st block: 0.0.0.0 to 0.255.255.255
Last block: 127.0.0.0 to 127.255.255.255
Private address range: 10.0.0.0 to 10.0.0.255 (1 block)
So the total number of blocks used is 125.
The main disadvantage is that millions of class A addresses are wasted, because the number of addresses in each block is 16,777,216.
Class B
Total blocks: 16,384 (of these only 16,368 are used)
Each block contains 65,536 addresses.
16 blocks are reserved for private addressing.
Range: 172.16.0.0 to 172.31.255.255
Class C
Total blocks: 2,097,152 (of these we use 2,096,896)

256 blocks are used for private addressing.
Private address range: 192.168.0.0 to 192.168.255.255
Each block contains 256 addresses.
Class D
It contains 1 block.
Used for multicasting.
Class E
It contains 1 block.
Used for reserved addresses.
Reserved address prefixes
a) 10/8: 10.0.0.0 - 10.255.255.255
b) 172.16/12: 172.16.0.0 - 172.31.255.255
c) 192.168/16: 192.168.0.0 - 192.168.255.255
d) 169.254/16: 169.254.0.0 - 169.254.255.255
- Special Addresses
  - 255.255.255.255: limited broadcast (local network)
  - 0.0.0.0: this host. It can only be used as a source address. It is used during bootstrap, before a computer knows its IP address. "0" means THIS.
  - net + all 1s: directed broadcast for that network
  - 127.anything (often 127.0.0.1): loopback
Reserved IP addresses
A component of an IP address with all bits 0 or all bits 1 has a special meaning:
- All bits 0: An address with all bits zero in the host number portion is interpreted as this host (IP address with <host address>=0). All bits zero in the network number portion is this network (IP address with <network address>=0). When a host wants to communicate over a network, but does not yet know the network IP address, it can send packets with <network address>=0. Other hosts in the network interpret the address as meaning this network. Their replies contain the fully qualified network address, which the sender records for future use.
- All bits 1: An address with all bits one is interpreted as all networks or all hosts. For example, the following means all hosts on network 128.2 (a Class B address): 128.2.255.255. This is called a directed broadcast address because it contains both a valid <network address> and a broadcast <host address>.

- Loopback: The Class A network 127.0.0.0 is defined as the loopback network. Addresses from that network are assigned to interfaces that process data within the local system. These loopback interfaces do not access a physical network.
Unicast address: used to communicate from one source to one destination.
Multicast address: used to communicate from one source to a group of destinations. It can be used only as a destination address.
Broadcast address: communication is from one to all.
Note: the address space is 2^N, where N is the number of bits.
An IP address is designed with a 2-level hierarchy:
1) netID
2) hostID
Network ID (netID): the hosts that populate a network share the same network bits.
Host ID: a unique identifier of each host within that network.
Network address: a network address is an address that defines the network itself; it cannot be assigned to a host.

Properties of a network address:
1) All host ID bytes are 0s.
2) The network address defines the network to the rest of the Internet.
3) The network address is the first address in the block.
4) Given a network address, we can determine the class of the address.
NOTE: A network address is different from the netID. A network address has both netID and hostID, with 0s for the hostID.
Example: Given the address 23.56.7.91, find the network address.
Solution: The class is A because the first byte defines the netID. So we can find the network address by replacing the hostID bytes with 0s; the network address is 23.0.0.0.
SUBNETTING
Suppose you wanted to take one network address and create six networks from it. You would have to perform what is called subnetting, which allows you to take one larger network and break it into many smaller networks.
There are many reasons to perform subnetting. Some of the benefits of subnetting include the following:
Reduced network traffic: We all appreciate less traffic of any kind, and networks are no different. Without trusty routers, packet traffic could grind the entire network down to a near standstill. With routers, most traffic stays on the local network; only packets destined for other networks pass through the router. Routers create broadcast domains. The smaller the broadcast domains you create, the less network traffic on that network segment.
Optimized network performance: This is a result of reduced network traffic.
Simplified management: It's easier to identify and isolate network problems in a group of smaller connected networks than within one gigantic network.
Facilitated spanning of large geographical distances: Because WAN links are considerably slower and more expensive than LAN links, a single large network that spans long distances can create problems in every arena listed above. Connecting multiple smaller networks makes the system more efficient.
Subnet Masks
For the subnet address scheme to work, every machine on the network must know which
part of the host address will be used as the subnet address. This is accomplished by
assigning a subnet mask to each machine. This is a 32-bit value that allows the recipient
of IP packets to distinguish the network ID portion of the IP address from the host ID
portion of the IP address.
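As an added illustration of the classful example above and of the subnet mask described here (this code is not from the original notes), the functions below compute a classful network address, a directed broadcast, and a fixed-mask split of one network into at least the six subnets the text mentions; the 192.168.10.0/24 input is a constructed sample.

```python
# Added example (not from the original notes): classful network address and
# fixed-length subnetting as described above.  ip_to_int rejects octets
# outside 0-255, the kind of slip that yields an unusable configuration.
from typing import List, Tuple


def ip_to_int(addr: str) -> int:
    """Dotted decimal -> 32-bit integer, e.g. 128.230.1.12 -> 0x80E6010C."""
    parts = addr.split(".")
    if len(parts) != 4:
        raise ValueError(f"not a dotted-decimal address: {addr!r}")
    value = 0
    for part in parts:
        if not part.isdigit() or not 0 <= int(part) <= 255:
            raise ValueError(f"octet out of range in {addr!r}")
        value = (value << 8) | int(part)
    return value


def int_to_ip(value: int) -> str:
    """32-bit integer -> dotted decimal."""
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def classful_class(addr: str) -> str:
    """Read the class from the leading bits of the first octet
    (0 -> A, 10 -> B, 110 -> C, 1110 -> D, 11110 -> E)."""
    first = ip_to_int(addr) >> 24
    if first & 0x80 == 0x00:
        return "A"
    if first & 0xC0 == 0x80:
        return "B"
    if first & 0xE0 == 0xC0:
        return "C"
    if first & 0xF0 == 0xE0:
        return "D"
    return "E"


# Network-bit count implied by the class; D and E have no host portion.
CLASSFUL_PREFIX = {"A": 8, "B": 16, "C": 24}


def prefix_to_mask(prefix: int) -> int:
    """Prefix length -> 32-bit subnet mask (e.g. 24 -> 0xFFFFFF00)."""
    if not 0 <= prefix <= 32:
        raise ValueError(f"bad prefix length {prefix}")
    return (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF


def network_address(addr: str, prefix: int) -> str:
    """Zero the host bits: the 'replace hostID bytes by 0s' step."""
    return int_to_ip(ip_to_int(addr) & prefix_to_mask(prefix))


def directed_broadcast(addr: str, prefix: int) -> str:
    """Set every host bit to 1: the 'net + all 1s' directed broadcast."""
    host_bits = ~prefix_to_mask(prefix) & 0xFFFFFFFF
    return int_to_ip(ip_to_int(addr) | host_bits)


def classful_network_address(addr: str) -> str:
    """The worked example from the notes: 23.56.7.91 is class A, so the
    network address is 23.0.0.0."""
    cls = classful_class(addr)
    if cls not in CLASSFUL_PREFIX:
        raise ValueError(f"class {cls} addresses have no host portion")
    return network_address(addr, CLASSFUL_PREFIX[cls])


def subnet(network: str, prefix: int, wanted: int) -> List[Tuple[str, int, str]]:
    """Split network/prefix into at least `wanted` equal-sized subnets.

    Borrowing b host bits gives 2**b subnets, so the smallest b with
    2**b >= wanted is used.  Returns (subnet address, new prefix,
    directed broadcast) for each subnet.
    """
    borrowed = 0
    while (1 << borrowed) < wanted:
        borrowed += 1
    new_prefix = prefix + borrowed
    if new_prefix > 30:  # fewer than 2 usable hosts per subnet is pointless
        raise ValueError("not enough host bits to create that many subnets")
    base = ip_to_int(network) & prefix_to_mask(prefix)
    size = 1 << (32 - new_prefix)
    return [
        (int_to_ip(base + i * size), new_prefix, int_to_ip(base + i * size + size - 1))
        for i in range(1 << borrowed)
    ]


if __name__ == "__main__":
    print(classful_class("23.56.7.91"), classful_network_address("23.56.7.91"))
    for net, plen, bcast in subnet("192.168.10.0", 24, 6):
        print(f"{net}/{plen}  broadcast {bcast}")
```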
When a router receives a packet with a destination IP address, it needs to route the packet; the routing is based on the network address and subnetwork address, so the router outside the

In a traditional LAN, workstations are connected to each other by means of a hub or a
repeater. These devices propagate any incoming data throughout the network. However,
if two people attempt to send information at the same time, a collision will occur and all
the transmitted data will be lost. Once the collision has occurred, it will continue to be
propagated throughout the network by hubs and repeaters. The original information will
therefore need to be resent after waiting for the collision to be resolved, thereby incurring
a significant wastage of time and resources.
To prevent collisions from traveling through all the workstations in the network, a bridge
or a switch can be used. These devices will not forward collisions, but will allow
broadcasts (to every user in the network) and multicasts (to a pre-specified group of
users) to pass through.
A router may be used to prevent broadcasts and multicasts from traveling through the
network.
The workstations, hubs, and repeaters together form a LAN segment. A LAN segment is
also known as a collision domain since collisions remain within the segment.
The area within which broadcasts and multicasts are confined is called a broadcast
domain or LAN.
Thus a LAN can consist of one or more LAN segments. Defining broadcast and collision
domains in a LAN depends on how the workstations, hubs, switches, and routers are
physically connected together. This means that everyone on a LAN must be located in the
same area (see Figure 1).

Figure 1: Physical view of a LAN.
VLANs allow a network manager to logically segment a LAN into different broadcast domains (see Figure 2). Since this is a logical segmentation and not a physical one, workstations do not have to be physically located together. Users on different floors of the same building, or even in different buildings, can now belong to the same LAN.

14.
For More : https://www.ThesisScientist.com
Figure 2: Physical and logical view of a VLAN (panels: Physical View, Logical View).
VLANs also allow broadcast domains to be defined without using routers. Bridging software is used instead to define which workstations are to be included in the broadcast domain. Routers would only have to be used to communicate between two VLANs.
The acronym VLAN expands to Virtual Local Area Network. A VLAN is a logical local area network (or LAN) that extends beyond a single traditional LAN to a group of LAN segments, given specific configurations. Because a VLAN is a logical entity, its creation and configuration is done completely in software.
Why use VLANs?
VLANs offer a number of advantages over traditional LANs. They are:
1) Performance
In networks where traffic consists of a high percentage of broadcasts and multicasts, VLANs can reduce the need to send such traffic to unnecessary destinations. For example, in a broadcast domain consisting of 10 users, if the broadcast traffic is intended only for 5 of the users, then placing those 5 users on a separate VLAN can reduce traffic.
Compared to switches, routers require more processing of incoming traffic. As the volume of traffic passing through the routers increases, so does the latency in the routers, which results in reduced performance. The use of VLANs reduces the number of routers needed, since VLANs create broadcast domains using switches instead of routers.
2) Formation of Virtual Workgroups

15.
For More : https://www.ThesisScientist.com
Nowadays, it is common to find cross-functional product development teams with members from different departments such as marketing, sales, accounting, and research. These workgroups are usually formed for a short period of time. During this period, communication between members of the workgroup will be high. To contain broadcasts and multicasts within the workgroup, a VLAN can be set up for them. With VLANs it is easier to place members of a workgroup together. Without VLANs, the only way this would be possible is to physically move all the members of the workgroup closer together.
However, virtual workgroups do not come without problems. Consider the situation where one user of the workgroup is on the fourth floor of a building, and the other workgroup members are on the second floor. Resources such as a printer would be located on the second floor, which would be inconvenient for the lone fourth-floor user.
Another problem with setting up virtual workgroups is the implementation of centralized server farms, which are essentially collections of servers and major resources for operating a network at a central location. The advantages here are numerous, since it is more efficient and cost-effective to provide better security, uninterrupted power supply, consolidated backup, and a proper operating environment in a single area than if the major resources were scattered in a building. Centralized server farms can cause problems when setting up virtual workgroups if servers cannot be placed on more than one VLAN. In such a case, the server would be placed on a single VLAN and all other VLANs trying to access the server would have to go through a router; this can reduce performance.
3) Simplified Administration
Seventy percent of network costs are a result of adds, moves, and changes of users in the network. Every time a user is moved in a LAN, recabling, new station addressing, and reconfiguration of hubs and routers become necessary. Some of these tasks can be simplified with the use of VLANs. If a user is moved within a VLAN, reconfiguration of routers is unnecessary. In addition, depending on the type of VLAN, other administrative work can be reduced or eliminated.
Despite this saving, VLANs add a layer of administrative complexity, since it now becomes necessary to manage virtual workgroups.
4) Reduced Cost
VLANs can be used to create broadcast domains, which eliminates the need for expensive routers.
5) Security

16.
For More : https://www.ThesisScientist.com
Periodically, sensitive data may be broadcast on a network. In such cases, placing only those users who can have access to that data on a VLAN can reduce the chances of an outsider gaining access to the data. VLANs can also be used to control broadcast domains, set up firewalls, restrict access, and inform the network manager of an intrusion.
How VLANs work
When a LAN bridge receives data from a workstation, it tags the data with a VLAN identifier indicating the VLAN from which the data came. This is called explicit tagging. It is also possible to determine to which VLAN the received data belongs using implicit tagging. In implicit tagging the data is not tagged, but the VLAN from which the data came is determined from other information, such as the port on which the data arrived.
Tagging can be based on the port from which the data came, the source Media Access Control (MAC) field, the source network address, or some other field or combination of fields. VLANs are classified based on the method used. To be able to tag data using any of these methods, the bridge has to keep an updated database containing a mapping between VLANs and whichever field is used for tagging. For example, if tagging is by port, the database should indicate which ports belong to which VLAN. This database is called a filtering database. Bridges have to maintain this database and also make sure that all the bridges on the LAN have the same information in each of their databases. The bridge determines where the data is to go next based on normal LAN operations. Once the bridge determines where the data is to go, it then needs to determine whether the VLAN identifier should be added to the data before it is sent. If the data is to go to a device that knows about VLAN implementation (VLAN-aware), the VLAN identifier is added to the data. If it is to go to a device that has no knowledge of VLAN implementation (VLAN-unaware), the bridge sends the data without the VLAN identifier.
In order to understand how VLANs work, we need to look at the types of VLANs, the types of connections between devices on VLANs, the filtering database which is used to send traffic to the correct VLAN, and tagging, a process used to identify the VLAN originating the data.
VLAN Standard: IEEE 802.1Q Draft Standard
There has been a recent move towards building a set of standards for VLAN products. The Institute of Electrical and Electronics Engineers (IEEE) is currently working on a draft standard, 802.1Q, for VLANs. Up to this point, products have been proprietary, implying that anyone wanting to install VLANs would have to purchase all products

17.
For More : https://www.ThesisScientist.com
from the same vendor. Once the standards have been written and vendors create products based on these standards, users will no longer be confined to purchasing products from a single vendor.
Types of VLANs
VLAN membership can be classified by port, MAC address, and protocol type.
1) Layer 1 VLAN: Membership by Port
Membership in a VLAN can be defined based on the ports that belong to the VLAN. For example, in a bridge with four ports, ports 1, 2, and 4 belong to VLAN 1 and port 3 belongs to VLAN 2 (see Figure 3).
Port    VLAN
1       1
2       1
3       2
4       1
Figure 3: Assignment of ports to different VLANs.
The main disadvantage of this method is that it does not allow for user mobility. If a user moves to a different location away from the assigned bridge, the network manager must reconfigure the VLAN.
2) Layer 2 VLAN: Membership by MAC Address
Here, membership in a VLAN is based on the MAC address of the workstation. The switch tracks the MAC addresses which belong to each VLAN (see Figure 4). Since MAC addresses form a part of the workstation's network interface card, when a workstation is moved, no reconfiguration is needed to allow the workstation to remain in the same VLAN. This is unlike Layer 1 VLANs, where membership tables must be reconfigured.
MAC Address      VLAN
1212354145121    1
2389234873743    2
3045834758445    2
5483573475843    1
Figure 4: Assignment of MAC addresses to different VLANs.
The main problem with this method is that VLAN membership must be assigned initially. In networks with thousands of users, this is no easy task. Also, in environments where notebook PCs are used, the MAC address is associated with the docking station and not with the notebook PC. Consequently, when a notebook PC is moved to a different docking station, its VLAN membership must be reconfigured.
3) Layer 2 VLAN: Membership by Protocol Type
VLAN membership for Layer 2 VLANs can also be based on the protocol type field found in the Layer 2 header (see Figure 5).
Protocol    VLAN
IP          1
IPX         2
Figure 5: Assignment of protocols to different VLANs.
4) Layer 3 VLAN: Membership by IP Subnet Address
Membership is based on the Layer 3 header. The network IP subnet address can be used to classify VLAN membership (see Figure 6).
IP Subnet    VLAN
23.2.24      1
26.21.35     2
Figure 6: Assignment of IP subnet addresses to different VLANs.
Although VLAN membership is based on Layer 3 information, this has nothing to do with network routing and should not be confused with router functions. In this method, IP addresses are used only as a mapping to determine membership in VLANs. No other processing of IP addresses is done.
In Layer 3 VLANs, users can move their workstations without reconfiguring their network addresses. The only problem is that it generally takes longer to forward packets using Layer 3 information than using MAC addresses.
5) Higher Layer VLANs
It is also possible to define VLAN membership based on applications or services, or any combination thereof. For example, file transfer protocol (FTP) applications can be executed on one VLAN and telnet applications on another VLAN.
The 802.1Q draft standard defines Layer 1 and Layer 2 VLANs only. Protocol-type-based VLANs and higher layer VLANs have been allowed for, but are not defined in this standard. As a result, these VLANs will remain proprietary.
Types of Connections
Devices on a VLAN can be connected in three ways, based on whether the connected devices are VLAN-aware or VLAN-unaware. Recall that a VLAN-aware device is one which understands VLAN memberships (i.e. which users belong to a VLAN) and VLAN formats.
1) Trunk Link
All the devices connected to a trunk link, including workstations, must be VLAN-aware. All frames on a trunk link must have a special header attached. These special frames are called tagged frames (see Figure 7).

20.
For More : https://www.ThesisScientist.com
Figure 7: Trunk link between two VLAN-aware bridges.
2) Access Link
An access link connects a VLAN-unaware device to the port of a VLAN-aware bridge. All frames on access links must be implicitly tagged (untagged) (see Figure 8). The VLAN-unaware device can be a LAN segment with VLAN-unaware workstations, or it can be a number of LAN segments containing VLAN-unaware devices (a legacy LAN).
Figure 8: Access link between a VLAN-aware bridge and a VLAN-unaware device.
3) Hybrid Link
This is a combination of the previous two links. This is a link where both VLAN-aware and VLAN-unaware devices are attached (see Figure 9). A hybrid link can have both tagged and untagged frames, but all the frames for a specific VLAN must be either tagged or untagged.

21.
For More : https://www.ThesisScientist.com
Figure 9: Hybrid link containing both VLAN-aware and VLAN-unaware devices.
It must also be noted that the network can have a combination of all three types of links.
Frame Processing
A bridge on receiving data determines to which VLAN the data belongs either by implicit
or explicit tagging. In explicit tagging a tag header is added to the data. The bridge also
keeps track of VLAN members in a filtering database which it uses to determine where
the data is to be sent. Following is an explanation of the contents of the filtering database
and the format and purpose of the tag header [802.1Q].
1) Filtering Database
Membership information for a VLAN is stored in a filtering database. The filtering
database consists of the following types of entries:
i) Static Entries
Static information is added, modified, and deleted by management only. Entries are not
automatically removed after some time (ageing), but must be explicitly removed by
management. There are two types of static entries:
a) Static Filtering Entries: which specify for every port whether frames to be sent to a
specific MAC address or group address and on a specific VLAN should be forwarded or
discarded, or should follow the dynamic entry, and
b) Static Registration Entries: which specify whether frames to be sent to a specific
VLAN are to be tagged or untagged and which ports are registered for that VLAN.
ii) Dynamic Entries
Dynamic entries are learned by the bridge and cannot be created or updated by
management. The learning process observes the port from which a frame, with a given
source address and VLAN ID (VID), is received, and updates the filtering database. The
entry is updated only if all the following three conditions are satisfied:
a) this port allows learning,
b) the source address is a workstation address and not a group address, and
c) there is space available in the database.
Entries are removed from the database by the ageing out process where, after a certain
amount of time specified by management (10 sec --- 1000000 sec), entries allow

22.
For More : https://www.ThesisScientist.com
automatic reconfiguration of the filtering database if the topology of the network
changes. There are three types of dynamic entries:
a) Dynamic Filtering Entries: which specify whether frames to be sent to a specific MAC address and on a certain VLAN should be forwarded or discarded.
b) Group Registration Entries: which indicate for each port whether frames to be sent to a group MAC address and on a certain VLAN should be filtered or discarded. These entries are added and deleted using the Group Multicast Registration Protocol (GMRP). This allows multicasts to be sent on a single VLAN without affecting other VLANs.
c) Dynamic Registration Entries: which specify which ports are registered for a specific VLAN. Entries are added and deleted using the GARP VLAN Registration Protocol (GVRP), where GARP is the Generic Attribute Registration Protocol.
GVRP is used not only to update dynamic registration entries, but also to communicate the information to other VLAN-aware bridges.
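The three learning conditions and the ageing rule described above, as an added Python model that is not part of the original notes; the port numbers, table capacity and MAC addresses are constructed for the example, and the refused counter is an assumption added as the place where an operator would notice a table being filled up.

```python
# Added example (not from the original notes): a toy model of the dynamic
# entries in an 802.1Q filtering database, following the three learning
# conditions and the ageing rule described above.  Port numbers, capacity
# and the MAC addresses used with it are constructed for the example.
from dataclasses import dataclass, field
from typing import Dict, Optional, Set, Tuple

AGEING_MIN, AGEING_MAX = 10, 1_000_000  # seconds, the range quoted in the notes


def is_group_address(mac: str) -> bool:
    """The I/G bit (least-significant bit of the first octet) marks a group
    (multicast/broadcast) MAC.  Such source addresses are never learned."""
    return int(mac.split(":")[0], 16) & 0x01 == 0x01


@dataclass
class DynamicEntry:
    port: int
    last_seen: float  # seconds; refreshed each time the source is seen


@dataclass
class FilteringDatabase:
    capacity: int
    ageing_time: float
    learning_ports: Set[int]
    entries: Dict[Tuple[str, int], DynamicEntry] = field(default_factory=dict)
    refused: int = 0  # learn attempts rejected because the table was full (assumption)

    def __post_init__(self) -> None:
        if not AGEING_MIN <= self.ageing_time <= AGEING_MAX:
            raise ValueError("ageing time outside the allowed range")

    def age_out(self, now: float) -> int:
        """Remove entries not seen within ageing_time; returns how many."""
        expired = [k for k, e in self.entries.items()
                   if now - e.last_seen > self.ageing_time]
        for key in expired:
            del self.entries[key]
        return len(expired)

    def learn(self, port: int, src_mac: str, vid: int, now: float) -> bool:
        """Apply the three conditions: the port allows learning, the source
        is an individual address, and there is space.  Returns True when
        the database was updated (new entry, refresh, or move to a port)."""
        self.age_out(now)
        if port not in self.learning_ports or is_group_address(src_mac):
            return False
        key = (src_mac.lower(), vid)  # entries are per VLAN, not just per MAC
        if key not in self.entries and len(self.entries) >= self.capacity:
            self.refused += 1  # a rising count here is worth alerting on
            return False
        self.entries[key] = DynamicEntry(port, now)
        return True

    def lookup(self, dst_mac: str, vid: int, now: float) -> Optional[int]:
        """Port to forward on, or None (unknown: flood within that VLAN only)."""
        self.age_out(now)
        entry = self.entries.get((dst_mac.lower(), vid))
        return entry.port if entry is not None else None
```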
In order for VLANs to forward information to the correct destination, all the bridges in the VLAN should contain the same information in their respective filtering databases. GVRP allows both VLAN-aware workstations and bridges to issue and revoke VLAN memberships. VLAN-aware bridges register and propagate VLAN membership to all ports that are a part of the active topology of the VLAN. The active topology of a network is determined when the bridges are turned on or when a change in the state of the current topology is perceived.
The active topology is determined using a spanning tree algorithm, which prevents the formation of loops in the network by disabling ports. Once an active topology for the network (which may contain several VLANs) is obtained, the bridges determine an active topology for each VLAN. This may result in a different topology for each VLAN or a common one for several VLANs. In either case, the VLAN topology will be a subset of the active topology of the network (see Figure 10).

23.
For More : https://www.ThesisScientist.com
Figure 10: Active topology of the network and of VLAN A using the spanning tree algorithm.
2) Tagging
When frames are sent across the network, there needs to be a way of indicating to which
VLAN the frame belongs, so that the bridge will forward the frames only to those ports
that belong to that VLAN, instead of to all output ports as would normally have been
done. This information is added to the frame in the form of a tag header. In addition, the
tag header:
i) allows user priority information to be specified,
ii) allows source routing control information to be specified, and
iii) indicates the format of MAC addresses.
Frames in which a tag header has been added are called tagged frames. Tagged frames
convey the VLAN information across the network.
The tagged frames that are sent across hybrid and trunk links contain a tag header. There
are two formats of the tag header:

24.
For More : https://www.ThesisScientist.com
i) Ethernet Frame Tag Header: The Ethernet frame tag header (see Figure 11) consists of a tag protocol identifier (TPID) and tag control information (TCI).
Figure 11: Ethernet frame tag header.
ii) Token Ring and Fiber Distributed Data Interface (FDDI) tag header: The tag headers for both token ring and FDDI networks consist of a SNAP-encoded TPID and TCI.
Figure 12: Token ring and FDDI tag header.
TPID is the tag protocol identifier, which indicates that a tag header follows, and TCI (see Figure 13) contains the user priority, canonical format indicator (CFI), and the VLAN ID.
Figure 13: Tag control information (TCI).
User priority is a 3-bit field which allows priority information to be encoded in the frame.
Eight levels of priority are allowed, where zero is the lowest priority and seven is the
highest priority. How this field is used is described in the 802.1p supplement.
The CFI bit indicates that all MAC addresses present in the MAC data field are in
canonical format. This field is interpreted differently depending on whether it is an
Ethernet-encoded tag header or a SNAP-encoded tag header. In a SNAP-encoded TPID the
field indicates the presence or absence of the canonical format of addresses. In an
Ethernet-encoded TPID, it indicates the presence of the source-routing information (RIF)
field after the length field. The RIF field indicates routing on Ethernet frames.
The VID field uniquely identifies the VLAN to which the frame belongs. There can be a
maximum of (2^12 - 1) VLANs. Zero indicates that there is no VLAN ID, but that user
priority information is present. This allows priority to be encoded in non-priority LANs.
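The tag header layout described above (a TPID, then a 16-bit TCI holding the 3-bit user priority, the CFI bit and the 12-bit VID) as an added Python example, not code from the original notes. The TPID value 0x8100 and the reserved VID 0xFFF are taken from 802.1Q rather than from the page, the frame bytes are constructed for the example, and the function and class names are this example's own.

```python
"""802.1Q tag header: TPID (2 bytes) followed by the TCI (2 bytes) holding
user priority (3 bits), CFI (1 bit) and VLAN ID (12 bits), inserted after the
destination and source MAC addresses of the frame."""
import struct
from dataclasses import dataclass
from typing import Optional

TPID_8021Q = 0x8100      # Ethernet-encoded TPID (from 802.1Q, assumed; not stated on the page)
VID_RESERVED = 0xFFF     # 4095 is reserved by 802.1Q and must not appear on the wire
PRIORITY_TAGGED = 0      # VID 0: no VLAN ID, only priority information is carried


@dataclass(frozen=True)
class Tag:
    priority: int   # 0 = lowest .. 7 = highest (802.1p)
    cfi: int        # canonical format indicator
    vid: int        # VLAN ID

    @property
    def priority_tagged(self) -> bool:
        return self.vid == PRIORITY_TAGGED


def parse_tag(frame: bytes) -> Optional[Tag]:
    """Return the tag of a tagged frame, or None if the frame is untagged.

    Raises ValueError for a truncated frame or a reserved VID, which a bridge
    should treat as malformed rather than forward.
    """
    if len(frame) < 14:                       # 6 dst + 6 src + 2 EtherType/TPID
        raise ValueError("frame too short for an Ethernet header")
    tpid = struct.unpack("!H", frame[12:14])[0]
    if tpid != TPID_8021Q:
        return None                           # bytes 12-13 are the EtherType/length
    if len(frame) < 16:
        raise ValueError("tagged frame truncated before the TCI")
    tci = struct.unpack("!H", frame[14:16])[0]
    priority, cfi, vid = tci >> 13, (tci >> 12) & 0x1, tci & 0x0FFF
    if vid == VID_RESERVED:
        raise ValueError("VID 4095 is reserved")
    return Tag(priority, cfi, vid)


def build_tci(priority: int, cfi: int, vid: int) -> int:
    """Pack the three TCI fields, rejecting out-of-range values."""
    if not 0 <= priority <= 7 or cfi not in (0, 1) or not 0 <= vid < VID_RESERVED:
        raise ValueError("TCI field out of range")
    return (priority << 13) | (cfi << 12) | vid


def tag_frame(frame: bytes, priority: int, vid: int, cfi: int = 0) -> bytes:
    """Insert a tag header into an untagged frame (what a switch does on a trunk link)."""
    if parse_tag(frame) is not None:
        raise ValueError("frame is already tagged")
    tag_header = struct.pack("!HH", TPID_8021Q, build_tci(priority, cfi, vid))
    return frame[:12] + tag_header + frame[12:]


def strip_tag(frame: bytes) -> bytes:
    """Remove the tag header (VLAN translation mode: the frame enters a native port)."""
    if parse_tag(frame) is None:
        return frame
    return frame[:12] + frame[16:]


# Constructed sample: broadcast IPv4 frame (EtherType 0x0800) with a dummy 20-byte payload.
UNTAGGED = bytes.fromhex("ffffffffffff" "001122334455" "0800") + b"\x45" + b"\x00" * 19
TAGGED = tag_frame(UNTAGGED, priority=5, vid=100)   # TCI = 0xA064

if __name__ == "__main__":
    print(parse_tag(UNTAGGED))      # None
    print(parse_tag(TAGGED))        # Tag(priority=5, cfi=0, vid=100)
    print(TAGGED[12:18].hex())      # 8100a0640800
```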
VLAN modes
There are three different modes in which a VLAN can be configured. These modes are
covered below:
 VLAN Switching Mode - The VLAN forms a switching bridge in which frames
are forwarded unmodified.
 VLAN Translation Mode - VLAN translation mode is used when the frame
tagging method is changed in the network path, or if the frame traverses from a
VLAN group to a legacy or native interface which is not configured in a VLAN.
When the packet is to pass into a native interface, the VLAN tag is removed so
that the packet can properly enter the native interface.
 VLAN Routing Mode - When a packet is routed from one VLAN to a different
VLAN, you use VLAN routing mode. The packet is modified, usually by a router,
which places its own MAC address as the source, and then changes the VLAN ID
of the packet.
VLAN configurations
 VLAN ID - The VLAN ID is a unique value you assign to each VLAN on a
single device. With a Cisco routing or switching device running IOS, your range
is from 1-4096. When you define a VLAN you usually use the syntax "vlan x"
where x is the number you would like to assign to the VLAN ID. VLAN 1 is
reserved as an administrative VLAN. If VLAN technologies are enabled, all ports
are a member of VLAN 1 by default.
 VLAN Name - The VLAN name is a text-based name you use to identify your
VLAN, perhaps to help technical staff understand its function. The string
you use can be between 1 and 32 characters in length.
 Private VLAN - You also define whether the VLAN is to be a private VLAN in the VLAN
definition, and what other VLAN might be associated with it in the definition
section. When you configure a Cisco VLAN as a private-vlan, ports that are
members of the VLAN cannot communicate directly with each other by default.
Normally all ports which are members of a VLAN can communicate directly with
each other, just as they would if they were members of a standard network
segment. Private VLANs are created to enhance the security of a network where
hosts coexisting on the network cannot or should not trust each other. This is a
common practice on web farms or in other high-risk environments where
communication between hosts on the same subnet is not necessary. Check your
Cisco documentation if you have questions about how to configure and deploy
private VLANs.
 VLAN modes - In Cisco IOS, there are only two modes an interface can operate
in, "mode access" and "mode trunk". Access mode is for end devices or devices
that will not require multiple VLANs. Trunk mode is used for passing multiple
VLANs to other network devices, or for end devices that need to have
membership of multiple VLANs at once. If you are wondering which mode to use,
the mode is probably "mode access".
VLAN Definition
To define a VLAN on a Cisco device, you need a VLAN ID, a VLAN name, the ports you
would like to participate in the VLAN, and the type of membership each port will have
in the VLAN.
Step 1 - configure terminal
Step 2 - vlan vlan-id
Step 3 - name vlan-name
Step 4 - If you want your new VLAN to be a private VLAN, you now enter "private-vlan
primary" and "private-vlan association Y" where Y is the secondary VLAN you want
to associate with the primary VLAN. If you would like the private VLAN to be community
based, you enter "private-vlan community" instead.
Step 5 - end
Step 6 - show vlan {name vlan-name | id vlan-id}
You have now created a VLAN by assigning it an ID and giving it a name. At this point,
the VLAN has no special configuration to handle IP traffic, nor are there any ports that
are members of the VLAN. The next section describes how you complete your VLAN
configuration.
VLAN Configuration
 Step 1 - Enter "Interface VlanX" where X is the VLAN ID you used in the VLAN
definition above.
 Step 2 - This step is optional. Enter "description <VLAN description>" where <VLAN
description> details what the VLAN is going to be used for. You can simply re-use the
VLAN name you used above if you like.
 Step 3 - Enter "ip address <address> <netmask>" where <address> is the address
you want to assign this device in the VLAN, and <netmask> is the network mask
for the subnet you have assigned the VLAN.
 Step 4 - This step is optional. Create and apply an access list to the VLAN for
inbound and outbound access controls. For a standard access list enter "access-
group XXX in" and "access-group YYY out" where XXX and YYY correspond
to access lists you have previously configured. Remember that the terms are taken
with respect to the specific subnet or interface, so "in" means from the VLAN INTO
the router, and "out" means from the router OUT to the VLAN.
 Step 5 - This step is optional. Enter the private VLAN mapping you would like to
use if the port is part of a private VLAN. This should be the same secondary
VLAN you associated with the primary VLAN in VLAN definition above. Enter
"private-vlan mapping XX" where XX is the VLAN ID of the secondary VLAN
you would like to associate with this VLAN.
 Step 6 - This step is optional. Configure HSRP and any other basic interface
configurations you would normally use for your Cisco device.
 Step 7 - Exit configuration mode by entering "end".
 Step 8 - Save your configuration to memory by entering "wr mem" and, if needed, to the
network using "wr net". You may have to supply additional information to write
configurations to the network depending on your device configuration.
Now you have your VLAN defined and configured, but no physical ports are members of
the VLAN, so the VLAN still isn't of much use. Port membership in the VLAN is
described next. IOS devices describe interfaces based on a technology and a port number, as
with "FastEthernet3/1" or "GigabitEthernet8/16". Once you have determined which
physical ports you want to be members of the VLAN, you can use the following steps to
configure them. NOTE: These steps assume that you have already logged into the
router, entered enable mode, and entered configuration mode.
For access ports
 Step 1 - Enter "Interface <interface name>" where <interface name> is the name
Cisco has assigned the interface you would like to associate with the VLAN.
 Step 2 - This step is optional. Enter "description <interface description>" where
<interface description> is text describing the system connected to the interface in
question. It is usually helpful to provide DNS hostname, IP Address, which port
on the remote system is connected, and its function.
 Step 3 - This step depends on your equipment and IOS version, and requirements.
Enter "switchport" if you need the interface to act as a switch port. Some
hardware does not support switchport mode, and can only be used as a router port.
Check your documentation if you don't know the difference between a router port
and a switch port.
 Step 4 - Only use this step if you used step 3 above. Enter "switchport access vlan
X" where X is the VLAN ID of the VLAN you want the port to be a member of.
 Step 5 - Only use this step if you used step 3 above. Enter "switchport mode
access" to tell the port that you want it to be used as an access port.
 Step 6 - Exit configuration mode by entering "end".
 Step 7 - Save your configuration to memory by entering "wr mem" and, if needed, to the
network using "wr net". You may have to supply additional information to write
configurations to the network depending on your device configuration.

For trunk ports
 Step 1 - Enter "Interface <interface name>" where <interface name> is the name
Cisco has assigned the interface you would like to associate with the VLAN.
 Step 2 - This step is optional. Enter "description <interface description>" where
<interface description> is text describing the system connected to the interface in
question. It is usually helpful to provide DNS hostname, IP Address, which port
on the remote system is connected, and its function.
 Step 3 - This step depends on your equipment and IOS version, and requirements.
Enter "switchport" if you need the interface to act as a switch port. Some
hardware does not support switchport mode, and can only be used as a router port.
Check your documentation if you don't know the difference between a router port
and a switch port.
 Step 4 - Only use this step if you used step 3 above. Enter "switchport trunk
encapsulation dot1q". This tells the VLAN to use dot1q encapsulation for the
VLAN, which is the industry standard encapsulation for trunking. There are other
encapsulation options, but your equipment may not operate with non Cisco
equipment if you use them.
 Step 5 - Only use this step if you used step 3 above. Enter "switchport trunk
allowed vlan XX, YY, ZZ" where XX, YY, and ZZ are VLANs you want the
trunk to include. You can define one or more VLANs to be allowed in the trunk.
 Step 6 - Only use this step if you used step 3 above. Enter "switchport mode
trunk" to tell the port to operate as a VLAN trunk, and not as an access port.
 Step 7 - Exit configuration mode by entering "end".
 Step 8 - Save your configuration to memory by entering "wr mem" and, if needed, to the
network using "wr net". You may have to supply additional information to write
configurations to the network depending on your device configuration.
For private VLAN ports
 Step 1 - Enter "Interface <interface name>" where <interface name> is the name
Cisco has assigned the interface you would like to associate with the VLAN.
 Step 2 - This step is optional. Enter "description <interface description>" where
<interface description> is text describing the system connected to the interface in
question. It is usually helpful to provide DNS hostname, IP Address, which port
on the remote system is connected, and its function.
 Step 3 - This step depends on your equipment and IOS version, and requirements.
Enter "switchport" if you need the interface to act as a switch port. Some
hardware does not support switchport mode, and can only be used as a router port.
Check your documentation if you don't know the difference between a router port
and a switch port.
 Step 4 - Enter "switchport private-vlan host association XX YY" where XX is the
primary VLAN you want to assign, YY is the secondary VLAN you want to
associate with it.

 Step 5 - Enter "switchport mode private-vlan host" to force the port to operate as a
private-vlan in host mode.
 Step 6 - Exit configuration mode by entering "end".
 Step 7 - Save your configuration to memory by entering "wr mem" and, if needed, to the
network using "wr net". You may have to supply additional information to write
configurations to the network depending on your device configuration.
You should now have your VLAN properly implemented on a Cisco IOS device.
5 What is routing?
Routing is used to take a packet from one device and send it through the network to
another device on a different network. For this we use a router.
Routers route traffic to all the networks in your internetwork. To be able to route
packets, a router must know, at a minimum, the following:
 Destination address
 Neighbor routers from which it can learn about remote networks
 Possible routes to all remote networks
 The best route to each remote network
 How to maintain and verify routing information
Routing table:-
The routing information a router learns from its routing sources is placed in the routing table.
At a minimum, each route entry in the database must contain two items:
 Destination address This is the address of the network the router can reach. As
this chapter explains, the router might have more than one route to the same
address, or a group of subnets of the same or of varying lengths, grouped under
the same major IP network address.
 Pointer to the destination This pointer either will indicate that the destination
network is directly connected to the router or it will indicate the address of
another router on a directly connected link, or the local interface to that link. That
router, which will be one router hop closer to the destination, is a next-hop router.
The router will match the most specific address. The address may be one of the
following:
 Host address (a host route)
 Subnet
 Group of subnets (a summary route)
 Major network number
 Group of major network numbers (a supernet)
 Default address
Routing techniques:-
a) Next-hop routing:-
 In this technique the routing table contains only the information that leads to the next
hop.
 It does not contain information about the complete route, as shown in the figure.
b) Network-specific routing:-
 In this technique the routing table contains only one entry, which defines the address of
the network itself.
 It does not contain an entry for every host connected to the same physical network, as
shown below.

c) Host-specific routing:-
 In this technique the routing table contains the destination host address in the routing
table.
 This type of routing is used for specific purposes such as checking the route or
providing security measures, as shown in the figure above.
How routing tables are used
Routers use the information in the routing table to forward packets as follows:-
1. When a router receives a packet on an interface, it examines the destination address
field.
2. The router checks its routing table to see if it knows how to forward the packet
towards the destination:-
 If the destination network is not contained in the routing table, the router drops the
packet.
 If the destination network is contained in the routing table, the router checks the entry
to see which is the most desirable path for the packet to take.
3. When it has determined the preferred path to the destination, the router checks the
routing table entry to see which of its interfaces leads to the next hop in that path.
The next hop might be another intermediate router or the destination network
itself.
4. The router queues the packet at the appropriate interface and the packet is sent
on its way to the next hop in the path to the destination.
Different types of routing
a) Static routing
b) Default routing
c) Dynamic routing
Static routing:-
Static routing is the process of an administrator manually adding routes to each router's
routing table. In static routing algorithms, routes change very slowly over time, often as a
result of human intervention (e.g., a human manually editing a router's forwarding table).
Static routing has the following benefits:
 No overhead on the router CPU
 No bandwidth usage between routers
 Security (because the administrator only allows routing to certain networks)
Static routing has the following disadvantages:
 The administrator must really understand the internetwork and how each router is
connected to configure the routes correctly.
 If one network is added to the internetwork, the administrator must add a route to
it on all routers.
 It's not feasible in large networks because it would be a full-time job.
The command used to add a static route to a routing table is
ip route [destination_network] [mask] [next_hop_address or exit interface]
[administrative_distance][permanent]
The following list describes each part of the command:
a) ip route The command used to create the static route.
b) Destination network The network you are placing in the routing table.
c) Mask Indicates the subnet mask being used on the network.
d) Next hop address The address of the next hop router that will receive the
packet and forward it to the remote network. This is a router interface that is
on a directly connected network. You must be able to ping the router interface
before you add the route.
e) Exit interface Used in place of the next hop address if desired. Must be on a
point-to-point link, such as a WAN. This command does not work on a LAN;
for example, Ethernet.
f) Administrative distance By default, static routes have an administrative
distance of 1. You can change the default value by adding an administrative
weight at the end of the command.
g) Permanent If the interface is shut down or the router cannot communicate to
the next hop router, the route is automatically discarded from the routing
table. Choosing the permanent option keeps the entry in the routing table no
matter what happens.
Administrative Distances
When configuring routing protocols, you need to be aware of administrative distances
(ADs). These are used to rate the trustworthiness of routing information received on a
router from a neighbor router. An administrative distance is an integer from 0 to 255,
where 0 is the most trusted and 255 means no traffic will be passed via this route.
Lab 5.1: Creating Static Routes
In this first lab, you will create a static route in all four routers so that the routers see all
networks. Verify with the Ping program when complete.

1. The 2621 router is connected to network 172.16.10.0/24. It does not know
about networks 172.16.20.0/24, 172.16.30.0/24, 172.16.40.0/24, and
172.16.50.0/24. Create static routes so that the 2621 router can see all
networks, as shown here.

2621#config t
2621(config)#ip route 172.16.20.0 255.255.255.0 172.16.10.1
2621(config)#ip route 172.16.30.0 255.255.255.0 172.16.10.1
2621(config)#ip route 172.16.40.0 255.255.255.0 172.16.10.1
2621(config)#ip route 172.16.50.0 255.255.255.0 172.16.10.1
2. Save the current configuration for the 2621 router by going to the enable mode,
typing copy run start, and pressing Enter.
3. On Router A, create a static route to see networks 172.16.10.0/24, 172.16.30.0/24,
172.16.40.0/24, and 172.16.50.0/24, as shown here.
RouterA#config t
RouterA(config)#ip route 172.16.30.0 255.255.255.0 172.16.20.2
RouterA(config)#ip route 172.16.40.0 255.255.255.0 172.16.20.2
RouterA(config)#ip route 172.16.50.0 255.255.255.0 172.16.20.2
These commands tell Router A that to reach network 172.16.30.0/24 it uses IP
address 172.16.20.2, which is the closest neighbor interface toward network
172.16.30.0/24, i.e. Router B. This is the same interface you will use to get to networks
172.16.40.0/24 and 172.16.50.0/24.
4. Save the current configuration for Router A by going to the enable mode, typing
copy run start, and pressing Enter.
5. On Router B, create a static route to see networks 172.16.10.0/24 and
172.16.50.0/24, which are not directly connected. Create static routes so that
Router B can see all networks, as shown here.
RouterB#config t
RouterB(config)#ip route 172.16.10.0 255.255.255.0 172.16.20.1
RouterB(config)#ip route 172.16.50.0 255.255.255.0 172.16.40.2
The first command told Router B that to get to network 172.16.10.0/24, it needs to use
172.16.20.1. The next command told Router B to get to network 172.16.50.0/24 through
172.16.40.2. Save the current configuration for Router B by going to the enable mode,
typing copy run start, and pressing Enter.

6. Router C is connected to networks 172.16.50.0/24 and 172.16.40.0/24. It does not
know about networks 172.16.30.0/24, 172.16.20.0/24, and 172.16.10.0/24. Create static
routes so that Router C can see all networks, as shown here.
RouterC#config t
RouterC(config)#ip route 172.16.30.0 255.255.255.0 172.16.40.1
RouterC(config)#ip route 172.16.20.0 255.255.255.0 172.16.40.1
RouterC(config)#ip route 172.16.10.0 255.255.255.0 172.16.40.1
Save the current configuration for Router C by going to the enable mode, typing copy
run start, and pressing Enter. Now ping from each router to your hosts and from each
router to each router. If it is set up correctly, it will work.
Default Routing
Default routing is used to send packets with a remote destination network not in the
routing table to the next hop router. You can only use default routing on stub networks,
which means that they have only one exit port out of the network.
To configure a default route, you use wildcards in the network address and mask
locations of a static route.
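The forwarding procedure from "How routing tables are used", the administrative-distance rule, the static routes of Lab 5.1 and the stub default route, as one added Python example that is not part of the original notes. Router B's entries follow the lab (it is directly connected to 172.16.20.0, 172.16.30.0 and 172.16.40.0); the interface names, the extra RIP-learned, host and AD-255 entries, and the 2621's default route are constructed only to exercise the lookup rules, and the class and function names are this example's own.

```python
import ipaddress
from dataclasses import dataclass
from typing import List, Optional


@dataclass(frozen=True)
class Route:
    prefix: ipaddress.IPv4Network
    next_hop: Optional[str]   # None for a directly connected network
    interface: str
    ad: int                   # administrative distance: 0 connected .. 255 never used


class RoutingTable:
    def __init__(self) -> None:
        self._routes: List[Route] = []

    def add(self, prefix: str, next_hop: Optional[str], interface: str, ad: int = 1) -> None:
        """Add an entry; `ad` defaults to 1 like an IOS static route."""
        if not 0 <= ad <= 255:
            raise ValueError("administrative distance must be 0..255")
        self._routes.append(Route(ipaddress.IPv4Network(prefix), next_hop, interface, ad))

    def lookup(self, destination: str) -> Optional[Route]:
        """Most specific matching prefix wins (host route > subnet > summary >
        major network > supernet > default); equal prefixes are decided by the
        lowest AD. Entries with AD 255 are never used."""
        dst = ipaddress.IPv4Address(destination)
        candidates = [r for r in self._routes if r.ad < 255 and dst in r.prefix]
        if not candidates:
            return None
        return min(candidates, key=lambda r: (-r.prefix.prefixlen, r.ad))

    def forward(self, destination: str) -> str:
        """Steps 2-4 of the forwarding procedure: drop, deliver, or hand to the next hop."""
        route = self.lookup(destination)
        if route is None:
            return "drop"                       # destination network not in the table
        if route.next_hop is None:
            return f"deliver on {route.interface}"
        return f"next hop {route.next_hop} via {route.interface}"


def router_b() -> RoutingTable:
    """Router B of Lab 5.1 (interface names assumed) plus three extra entries
    that exist only to exercise the lookup rules."""
    rt = RoutingTable()
    rt.add("172.16.20.0/24", None, "Fa0/0", ad=0)             # directly connected
    rt.add("172.16.30.0/24", None, "Fa0/1", ad=0)
    rt.add("172.16.40.0/24", None, "Fa0/2", ad=0)
    rt.add("172.16.10.0/24", "172.16.20.1", "Fa0/0")          # ip route ... 172.16.20.1
    rt.add("172.16.50.0/24", "172.16.40.2", "Fa0/2")          # ip route ... 172.16.40.2
    # extra: the same /24 learned by RIP (AD 120) loses to the static route (AD 1)
    rt.add("172.16.10.0/24", "172.16.30.9", "Fa0/1", ad=120)
    # extra: a host route, more specific than the /24 containing it
    rt.add("172.16.50.7/32", "172.16.40.2", "Fa0/2")
    # extra: a summary for the whole major network with AD 255, so never used
    rt.add("172.16.0.0/16", "172.16.20.1", "Fa0/0", ad=255)
    return rt


def stub_2621() -> RoutingTable:
    """The 2621 has a single exit, so a default route could replace its four
    static routes (an alternative to the lab, not the lab's configuration)."""
    rt = RoutingTable()
    rt.add("172.16.10.0/24", None, "Fa0/0", ad=0)
    rt.add("0.0.0.0/0", "172.16.10.1", "Fa0/0")   # ip route 0.0.0.0 0.0.0.0 172.16.10.1
    return rt
```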
Dynamic Routing
Dynamic routing is the process of using protocols to find and update routing tables on
routers. Dynamic routing algorithms change the routing paths as the network traffic loads
(and the resulting delays experienced by traffic) or topology change.
A dynamic algorithm can be run either periodically or in direct response to topology or
link-cost changes. While dynamic algorithms are more responsive to network changes,
they are also more susceptible to problems such as routing loops and oscillation in routes.
Advantage:-
 It is easier than static or default routing.
Disadvantage:-
 Expense of router CPU processing.
 Bandwidth on the network links.
What is the difference between:
a) centralized vs. distributed routing
b) interdomain vs. intradomain routing
c) host-based vs. router-based routing
d) unicast vs. multicast routing
a) Centralized vs. distributed routing

Centralized:-
In a centralized routing environment a single router collects and distributes topology
information for all parts of the internetwork.
Advantage:
 It relieves other routers in the internetwork of the responsibility of route collection.

Disadvantage:-
 Network links from the central router to other routers carry a disproportionate
amount of traffic.
 If the central router fails, other routers do not receive routing updates; to remove
this problem we use backup central routers.

Distributed routing:-
In a distributed routing environment all routers in the internetwork share the
responsibility for collecting, distributing and using internetwork topology information.
Advantage:
 The self-sufficiency of individual routers makes the routing environment more tolerant
of routing failures.
 Also, traffic is evenly distributed among network links.

Disadvantage:-
 There are significantly more relationships established between routers, and
all routers are burdened with route calculation and other processing tasks.
b) Interdomain vs. Intradomain routing
Interdomain: - (also called exterior routing)
This type of routing occurs between multiple autonomous systems, e.g. BGP.
Intradomain routing: - (also called interior routing)
This type of routing occurs only within an autonomous system, e.g. IGRP.
Autonomous system:-
A group of networks and routers under the authority of a single administration is called
an autonomous system.
c) Host-based vs. router-based routing
Router based routing:-
 Routers are responsible for determining the route to a destination through the
network

 Routers make routing decisions based on their own calculations
 The router will consider the entire best path based on various measures.
 Path selected is not optimal
 No discovery traffic is generated
 Decision making process is very rapid
Host-based routing: - (same as host-specific routing)
 The source end is responsible for determining the route to a destination through the
internetwork.
 Here routers act as store-and-forward devices, simply sending packets to the next
device in the path.
 The source end node discovers all possible routes to a destination before the packet
is sent into the internetwork.
 It then chooses the best path.
 It often requires substantial discovery traffic.
 It takes a significant amount of time.

d) Unicast vs. multicast routing

Unicast routing:-
 In unicast routing there is one source and one destination.
 The addresses of both source and destination are unicast addresses assigned to hosts.
 In unicast routing, when a router receives a packet it forwards the packet through
only one of its ports.
Multicast routing:-
In multicast routing there is one source and a group of destinations.
The source address is a unicast address and the destination address is a group address (class D).
Group address: - it defines the members of the group.
[Figure: Unicast routing protocol taxonomy. Interior routing: IGRP, RIP, OSPF. Exterior routing: BGP.]

DVMRP - Distance Vector Multicast Routing Protocol
MOSPF - Multicast Open Shortest Path First
PIM - Protocol Independent Multicast
PIM-DM - Protocol Independent Multicast, Dense Mode
PIM-SM - Protocol Independent Multicast, Sparse Mode
CBT - Core Based Tree
Routing Protocols: RIP, OSPF, and BGP
RIP
RIP is a distance vector protocol using hop count as a routing metric to measure the
distance between the source and a destination network. Each link is assigned a hop-count
value (which is 1 typically).
RIP routers maintain only the best route (the route with the lowest hop count value) to a
destination in their routing tables. Each RIP router sends routing-update messages at
regular intervals and when the network topology changes. When a router receives a
routing update message that indicates a route change, it updates its routing table and
immediately sends routing-update messages to inform its neighbors about the change.
RIP uses a number of timers in routing:
1. The route-update timer. Clocks the interval between periodic routing updates, and is
generally set to 30 seconds plus a small, randomly generated number of seconds to avoid
collisions.
2. The route-invalid timer. A route becomes invalid when it is not updated over a period
defined by this timer. The route is marked as inaccessible and advertised as unreachable.
However, the router still forwards packets to this route until the flush interval (see
below) expires. The default value is 180 seconds.
[Figure: Multicast routing protocol taxonomy. Source-based tree: DVMRP, MOSPF, PIM-DM. Group-shared tree: CBT, PIM-SM. PIM spans both.]

3. The route-hold-down timer. The interval during which routing information regarding
better paths is suppressed. The interval should be at least three times the value of the
update timer. A route enters into a hold down state when an update packet is received
indicating the route is unreachable. The default value is 180 seconds.
4. The route-flush timer. Amount of time that must pass before the route is removed
from the routing table. The interval should be longer than the larger of the invalid and
hold-down values. The default value is 240 seconds.
RIP packet types
The RIP protocol specifies two packet types. These packets can be sent by any device
running the RIP protocol:
Request packets: A request packet queries neighboring RIP devices to obtain their
distance vector table. The request indicates if the neighbor should return either a specific
subset or the entire contents of the table.
Response packets: A response packet is sent by a device to advertise the information
maintained in its local distance vector table. The table is sent during the following
situations:
 The table is automatically sent every 30 seconds.
 The table is sent as a response to a request packet generated by another RIP node.
 If triggered updates are supported, the table is sent when there is a change to the
local distance vector table.
 When a response packet is received by a device, the information contained in the
update is compared against the local distance vector table. If the update contains a
lower cost route to a destination, the table is updated to reflect the new path.
RIP modes of operation
RIP hosts have two modes of operation:
 Active mode: Devices operating in active mode advertise their distance vector
table and also receive routing updates from neighboring RIP hosts. Routing
devices are typically configured to operate in active mode.
 Passive (or silent) mode: Devices operating in this mode simply receive routing
updates from neighboring RIP devices. They do not advertise their distance vector
table. End stations are typically configured to operate in passive mode.
RIP message format
RIP messages are encapsulated in UDP datagrams, using the well-known port number
520. Figure 4.4 shows the format of a RIP message, and Figure 4.5 shows the format of a
RIP-2 message.
The fields of a RIP message are listed here.
 Command: Indicates whether the packet is a request (1) or a response (2).
 Version Number: Specifies the RIP version used (1 or 2).
 Address-Family Identifier: Specifies the address family used. RIP can be used
to carry routing information for several different protocol families. For IP, this
field is 2.

 Address: Specifies the IP address for the entry.
 Metric: Indicates how many hops have been traversed from the source to the
destination.
The RIP-2 message takes advantage of the unused fields in RIP, and provides additional
information such as subnet support and a simple authentication scheme. These fields are
listed here.
 Routing Domain: The identifier of the routing daemon that sends this message
(e.g., the process ID of the routing daemon).
 Route Tag: Used to support EGPs, carrying the AS number.
 Subnet Mask: The subnet mask associated with the IP address advertised.
 Next-hop IP Address: Where IP datagrams to the advertised IP address should
be forwarded to.
RIP is widely used because of its simplicity and low routing overhead. However, it has
the Count-to-Infinity problem which causes routing loops. To solve this problem, RIP
uses a hop-count limit of 15.
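The RIP-2 message layout just described (command, version, routing domain, then 20-byte entries holding AFI 2, route tag, address, subnet mask, next hop and metric) together with the response handling from "RIP packet types", as an added Python example that is not part of the original notes. The packet bytes and Router A's starting table are constructed using the Lab 5.2 addressing; the hop-count limit of 15 is applied as metric 16 = unreachable, and the update rule goes slightly beyond the page's one sentence by also accepting a changed (including unreachable) cost from the neighbour a route was learned from, as RIP implementations do.

```python
import ipaddress
import struct
from dataclasses import dataclass
from typing import Dict, List, Tuple

INFINITY = 16                           # hop-count limit 15, so 16 means unreachable
AFI_IP = 2
CMD_REQUEST, CMD_RESPONSE = 1, 2
HEADER = struct.Struct("!BBH")          # command, version, routing domain (zero in RIPv1)
ENTRY = struct.Struct("!HH4s4s4sI")     # AFI, route tag, address, mask, next hop, metric

@dataclass
class Entry:
    address: str
    mask: str
    next_hop: str       # "0.0.0.0" means "forward via the sender of this message"
    metric: int
    route_tag: int = 0

def classful_mask(address: str) -> str:
    """RIPv1 carries no mask, so the receiver assumes the classful one (see the NOTE above)."""
    first = int(address.split(".")[0])
    return "255.0.0.0" if first < 128 else "255.255.0.0" if first < 192 else "255.255.255.0"

def parse_rip(payload: bytes) -> Tuple[int, int, List[Entry]]:
    """Parse a RIP UDP payload into (command, version, entries); reject malformed input."""
    if len(payload) < HEADER.size or (len(payload) - HEADER.size) % ENTRY.size:
        raise ValueError("malformed RIP message length")
    command, version, _domain = HEADER.unpack_from(payload)
    if command not in (CMD_REQUEST, CMD_RESPONSE) or version not in (1, 2):
        raise ValueError("unknown command or version")
    entries: List[Entry] = []
    for off in range(HEADER.size, len(payload), ENTRY.size):
        afi, tag, addr, mask, nh, metric = ENTRY.unpack_from(payload, off)
        if afi != AFI_IP:
            continue                    # other address families are not handled here
        if not 1 <= metric <= INFINITY:
            raise ValueError(f"metric {metric} out of range")
        address = str(ipaddress.IPv4Address(addr))
        if version == 1:                # RIPv1: mask and next-hop fields are unused
            entries.append(Entry(address, classful_mask(address), "0.0.0.0", metric))
        else:
            entries.append(Entry(address, str(ipaddress.IPv4Address(mask)),
                                 str(ipaddress.IPv4Address(nh)), metric, tag))
    return command, version, entries

def build_response(entries: List[Entry], version: int = 2) -> bytes:
    """Serialize a response packet (the sender's distance vector table)."""
    msg, zero, v2 = HEADER.pack(CMD_RESPONSE, version, 0), b"\0" * 4, version == 2
    for e in entries:
        msg += ENTRY.pack(AFI_IP, e.route_tag if v2 else 0,
                          ipaddress.IPv4Address(e.address).packed,
                          ipaddress.IPv4Address(e.mask).packed if v2 else zero,
                          ipaddress.IPv4Address(e.next_hop).packed if v2 else zero, e.metric)
    return msg

@dataclass
class Learned:
    next_hop: str
    metric: int
    learned_from: str   # neighbour that advertised the route, or "connected"

Table = Dict[str, Learned]

def apply_response(table: Table, sender: str, entries: List[Entry]) -> List[str]:
    """Update `table` from a neighbour's response; return the prefixes that changed
    (what a triggered update would carry)."""
    changed: List[str] = []
    for e in entries:
        prefix = str(ipaddress.IPv4Network((e.address, e.mask), strict=False))
        cost = min(e.metric + 1, INFINITY)          # one more hop through the sender
        nh = sender if e.next_hop == "0.0.0.0" else e.next_hop
        current = table.get(prefix)
        if current is None:
            if cost >= INFINITY:
                continue                            # never install an unreachable route
        elif not (cost < current.metric or
                  (current.learned_from == sender and cost != current.metric)):
            continue                                # no better, and not from the current hop
        table[prefix] = Learned(nh, cost, sender)
        changed.append(prefix)
    return changed

# Constructed sample: Router A of Lab 5.2 (connected to 172.16.10.0 and 172.16.20.0)
# receives Router B's response from 172.16.20.2.
ROUTER_A_TABLE: Table = {
    "172.16.10.0/24": Learned("0.0.0.0", 1, "connected"),
    "172.16.20.0/24": Learned("0.0.0.0", 1, "connected"),
}
ROUTER_B_RESPONSE = build_response([
    Entry("172.16.30.0", "255.255.255.0", "0.0.0.0", 1),
    Entry("172.16.40.0", "255.255.255.0", "0.0.0.0", 1),
    Entry("172.16.50.0", "255.255.255.0", "0.0.0.0", 2),
    Entry("172.16.20.0", "255.255.255.0", "0.0.0.0", 1),   # A's own network: cost 2 > 1, ignored
])

def demo() -> Table:
    table = {k: Learned(v.next_hop, v.metric, v.learned_from) for k, v in ROUTER_A_TABLE.items()}
    _cmd, _ver, entries = parse_rip(ROUTER_B_RESPONSE)
    apply_response(table, "172.16.20.2", entries)
    return table
```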

NOTE: - RIP version 1 uses only classful routing, which means that all devices in the
network must use the same subnet mask. This is because RIP version 1 does not send
updates with subnet mask information in tow. RIP version 2 provides what is called
prefix routing and does send subnet mask information with the route updates. This is
called classless routing.
Configuring RIP
To configure RIP routing, just turn on the protocol with the router rip command and
tell the RIP routing protocol which networks to advertise.

Lab 5.2: Dynamic Routing with RIP
In this lab, we will use the dynamic routing protocol RIP instead of static and default
routing.
1. Remove any static routes or default routes configured on your routers by using the no
ip route command. For example:
RouterA#config t
RouterA(config)#no ip route 172.16.10.0 255.255.255.0 172.16.11.2
RouterA(config)#no ip route 172.16.30.0 255.255.255.0 172.16.20.2
RouterA(config)#no ip route 172.16.40.0 255.255.255.0 172.16.20.2
RouterA(config)#no ip route 172.16.50.0 255.255.255.0 172.16.20.2
RouterA(config)#no ip route 172.16.55.0 255.255.255.0 172.16.20.2
Do the same thing for Routers B and C and the 2621 router. Type sh run and press Enter
on each router to verify that all static and default routes are cleared.
2. After your static and default routes are cleared, go into configuration mode on Router A
by typing config t.
3. Tell your router to use RIP routing by typing router rip and pressing
Enter, as shown here:
config t
router rip
4. Add the network number you want to advertise by typing network 172.16.0.0 and
pressing Enter.
5. Press Ctrl+Z to get out of configuration mode.
6. Go to Routers B and C and the 2621 router and type the same commands, as shown
here:
config t
router rip
network 172.16.0.0
7. Verify that RIP is running at each router by typing the following commands at each
router:
show ip protocol
show ip route
show running-config or show run
8. Save your configurations by typing copy run start (or copy running-config
startup-config) and pressing Enter at each router.
9. Verify the network by pinging all remote networks and hosts.
OSPF
The Open Shortest Path First (OSPF) protocol is another example of an interior gateway
protocol. It was developed as a non-proprietary routing alternative to address the
limitations of RIP.
The following features contribute to the continued acceptance of the OSPF standard:
 Equal cost load balancing: The simultaneous use of multiple paths can provide
more efficient utilization of network resources.
 Logical partitioning of the network: This reduces the propagation of outage
information during adverse conditions. It also provides the ability to aggregate
routing announcements that limit the advertisement of unnecessary subnet
information.
 Support for authentication: OSPF can authenticate every packet a neighbor sends, so a
host that does not hold the key cannot inject advertisements and corrupt the routing
tables. Only the cryptographic (keyed MD5) type gives this protection: the simple-password
type sends the password in cleartext, and the null type performs no check at all.
 Faster convergence time: OSPF floods a change as soon as it is detected instead of
waiting for a periodic update, which shortens the time every router needs to learn the
new topology.
 Support for CIDR and VLSM: This allows the network administrator to
efficiently allocate IP address resources.
OSPF is a link state protocol. As with other link state protocols, each OSPF router
executes the SPF algorithm to process the information stored in the link state database.
The algorithm produces a shortest-path tree detailing the preferred routes to each
destination network.
OSPF terminology
OSPF uses specific terminology to describe the operation of the protocol.
OSPF areas
OSPF networks are divided into a collection of areas. An area consists of a logical
grouping of networks and routers. The area can coincide with geographic or
administrative boundaries. Each area is assigned a 32-bit area ID.
Subdividing the network provides the following benefits:
 Within an area, every router maintains an identical topology database describing
the routing devices and links within the area. These routers have no knowledge of
topologies outside the area. They are only aware of routes to these external
destinations. This reduces the size of the topology database maintained by each
router.
 Areas limit the potentially explosive growth in the number of link state updates.
Most LSAs are distributed only within an area.
 Areas reduce the CPU processing required to maintain the topology database. The
SPF algorithm is limited to managing changes within the area.
Backbone area and area 0
All OSPF networks contain at least one area. This area is known as area 0 (0.0.0.0), the
backbone area.
In networks containing multiple areas, the backbone physically connects to all other
areas. OSPF expects all areas to announce routing information directly into the backbone.
The backbone then announces this information into other areas.
Figure 5-14 depicts a network with a backbone area and four additional areas
Intra-area, area border, and AS boundary routers
There are three classifications of routers in an OSPF network. Figure 5-14 illustrates the
interaction of these devices.
Intra-area routers: This class of router is logically located entirely within an OSPF area.
Intra-area routers maintain a topology database for their local area.
Area border routers (ABR): This class of router is logically connected to two or more
areas, one of which must be the backbone area. An ABR is used to interconnect areas. ABRs
maintain a separate topology database for each attached area and execute a separate
instance of the SPF algorithm for each area.
AS boundary routers (ASBR): This class of router is located at the periphery of an
OSPF internetwork. It functions as a gateway exchanging reachability between the OSPF
network and other routing environments.
Each router is assigned a 32-bit router ID (RID). The RID uniquely identifies the device
within the OSPF domain.
Physical network types
OSPF categorizes network segments into three types. How often, and with which peers, the
OSPF devices attached to a segment communicate depends on the network type:
1. Point-to-point: Point-to-point networks directly link two routers.
2. Multi-access: Multi-access networks support the attachment of more than two
routers.
They are further subdivided into two types:
 Broadcast networks have the capability of simultaneously directing a
packet to all attached routers. This capability uses an address that is
recognized by all devices. Ethernet and token-ring LANs are examples of
OSPF broadcast multi-access networks.
 Non-broadcast networks do not have broadcasting capabilities. Each
packet must be specifically addressed to every router in the network. X.25
and frame relay networks are examples of OSPF non-broadcast multi-
access networks.
3. Point-to-multipoint: Point-to-multipoint networks are a special case of multi-
access, non-broadcast networks. In a point-to-multipoint network, a device is not
required to have a direct connection to every other device. This is known as a
partially meshed environment.
Neighbor routers and adjacencies
Routers that share a common network segment establish a neighbor relationship on the
segment. Routers must agree on the following information to become neighbors:
 Area ID: The routers must belong to the same OSPF area.
 Authentication: If authentication is enabled, the routers must use the same
authentication type and the same key (password).
 Hello and dead intervals: The routers must specify the same timer intervals used
in the Hello protocol.
 Stub area flag: The routers must agree that the area is configured as a stub area.
After two routers have become neighbors, an adjacency relationship can be formed
between the devices. Neighboring routers are considered adjacent when they have
synchronized their topology databases. This occurs through the exchange of link state
information.
Designated and backup designated router
The exchange of link state information between neighbors can create significant
quantities of network traffic. To reduce the total bandwidth required to synchronize
databases and advertise link state information, a router does not necessarily develop
adjacencies with every neighboring device:
 Multi-access networks: Adjacencies are formed between an individual router and
the (backup) designated router.
 Point-to-point networks: An adjacency is formed between both devices.
Each multi-access network elects a designated router (DR) and backup designated router
(BDR). The DR performs two key functions on the network segment:
 It forms adjacencies with all routers on the multi-access network. This causes the
DR to become the focal point for forwarding LSAs.
 It generates network link advertisements listing each router connected to the
multi-access network.
The BDR forms the same adjacencies as the designated router. It assumes DR
functionality when the DR fails.
Each router is assigned an 8-bit priority, indicating its ability to be selected as the DR or
BDR. A router priority of zero indicates that the router is not eligible to be selected. The
priority is configured on each interface in the router.
Figure 5-15 illustrates the relationship between neighbors. No adjacencies are formed
between routers that are not selected to be the DR or BDR.
Link state database
The link state database is also called the topology database. It contains the set of link
state advertisements describing the OSPF network and any external connections. Each
router within the area maintains an identical copy of the link state database.
Link state advertisements and flooding
The contents of an LSA describe an individual network component (that is, router,
segment, or external destination). LSAs are exchanged between adjacent OSPF routers.
This is done to synchronize the link state database on each device.
When a router generates or modifies an LSA, it must communicate this change
throughout the network. The router starts this process by forwarding the LSA to each
adjacent device. Upon receipt of the LSA, these neighbors store the information in their
link state database and communicate the LSA to their neighbors. This store and forward
activity continues until all devices receive the update. This process is called reliable
flooding. Two steps are taken to ensure that this flooding effectively transmits changes
without overloading the network with excessive quantities of LSA traffic:
 Each router stores the LSA for a period of time before propagating the
information to its neighbors. If, during that time, a new copy of the LSA arrives,
the router replaces the stored version. However, if the new copy is outdated, it is
discarded.
 To ensure reliability, each link state advertisement must be acknowledged.
Multiple acknowledgements can be grouped together into a single
acknowledgement packet. If an acknowledgement is not received, the original link
state update packet is retransmitted.
Link state advertisements contain five types of information. Together these
advertisements provide the necessary information needed to describe the entire OSPF
network and any external environments:
Router LSAs: This type of advertisement describes the state of the router's interfaces
(links) within the area. They are generated by every OSPF router. The advertisements are
flooded throughout the area.
Network LSAs: This type of advertisement lists the routers connected to a multi-access
network. They are generated by the DR on a multi-access segment. The advertisements
are flooded throughout the area.
Summary LSAs (Type-3 and Type-4): This type of advertisement is generated by an
ABR. There are two types of summary link advertisements:
Type-3 summary LSAs describe routes to destinations in other areas within the OSPF
network (inter-area destinations).
Type-4 summary LSAs describe routes to ASBRs. Summary LSAs are used to exchange
reachability information between areas. Normally, information is announced into the
backbone area. The backbone then injects this information into other areas.
AS external LSAs: This type of advertisement describes routes to destinations external to
the OSPF network. They are generated by an ASBR. The advertisements are flooded
throughout all areas in the OSPF network.
OSPF packet types
OSPF packets are transmitted in IP datagrams. They are not encapsulated within TCP or
UDP packets. The IP header uses protocol identifier 89. OSPF packets are sent with an IP
ToS of 0 and an IP precedence of internetwork control. This is used to obtain preferential
processing for the packets. Wherever possible, OSPF uses multicast to reach neighboring
devices. On broadcast and point-to-point networks, packets are sent to the reserved
multicast address 224.0.0.5 (AllSPFRouters); on multi-access networks, packets meant
only for the DR and BDR are sent to 224.0.0.6 (AllDRouters).
In non-broadcast environments, packets are addressed to the neighbor's specific IP
address.
All OSPF packets share the common header shown in Figure 5-17. The header provides
general information including area identifier, RID, checksum, and authentication
information.
The type field identifies the OSPF packet as one of five possible types:
Hello: This packet type discovers and maintains neighbor relationships.
Database description : This packet type describes the set of LSAs contained in the
router's link state database.
Link state request : This packet type requests a more current instance of an LSA from a
neighbor.
Link state update : This packet type provides a more current instance of an LSA to a
neighbor.
Link state acknowledgement : This packet type acknowledges receipt of a newly
received LSA.
Neighbor communication
OSPF is responsible for determining the optimum set of paths through a network. To
accomplish this, each router exchanges LSAs with other routers in the network. The
OSPF protocol defines a number of activities to accomplish this information exchange:
 Discovering neighbors
 Electing a designated router
 Establishing adjacencies and synchronizing databases
The five OSPF packet types are used to support these information exchanges.
Discovering neighbors: The OSPF Hello protocol
The Hello protocol discovers and maintains relationships with neighboring routers. Hello
packets are periodically sent out to each router interface. The packet contains the RID of
other routers whose hello packets have already been received over the interface.
When a device sees its own RID in the hello packet generated by another router, these
devices establish a neighbor relationship.
The hello packet also contains the router priority, DR identifier, and BDR identifier.
These parameters are used to elect the DR on multi-access networks.
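The header fields and Hello parameters described above, as an added Python example that is not part of the original page: it builds and parses OSPFv2 Hello packets using the RFC 2328 layouts (24-byte common header; network mask, intervals, options, priority, DR, BDR and neighbor list in the Hello body), verifies the checksum the way a receiving router does, applies the neighbor-compatibility checks listed under "Neighbor routers and adjacencies", and reports whether a received Hello leaves the neighbor in the Init or the 2-Way state. The router IDs, addresses and timers are constructed sample values.

```python
import struct

# OSPFv2 common header, 24 bytes (RFC 2328, A.3.1): version, type, packet length,
# router ID, area ID, checksum, AuType, 64-bit authentication field.
OSPF_HEADER = struct.Struct("!BBHIIHH8s")
# Hello body before the neighbor list, 20 bytes (A.3.2): network mask, HelloInterval,
# Options, router priority, RouterDeadInterval, DR, BDR. Neighbor RIDs (4 bytes each) follow.
HELLO_FIXED = struct.Struct("!IHBBIII")

PACKET_TYPES = {1: "Hello", 2: "Database Description", 3: "Link State Request",
                4: "Link State Update", 5: "Link State Acknowledgment"}
AU_TYPES = {0: "Null", 1: "Simple password", 2: "Cryptographic"}
OPT_E_BIT = 0x02  # external routing capability; routers in a stub area clear it


def ip2str(n):
    return ".".join(str((n >> s) & 0xFF) for s in (24, 16, 8, 0))


def str2ip(s):
    return struct.unpack("!I", bytes(int(o) for o in s.split(".")))[0]


def inet_checksum(data):
    """Standard 16-bit one's-complement Internet checksum."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def ospf_checksum(packet):
    """Checksum over the packet with the 64-bit authentication field (bytes 16-23)
    excluded. Over a packet whose checksum field is already filled in, it returns 0."""
    return inet_checksum(packet[:16] + packet[24:])


def build_hello(router_id, area_id, mask, hello=10, dead=40, priority=1,
                options=OPT_E_BIT, dr="0.0.0.0", bdr="0.0.0.0", neighbors=(),
                autype=0, auth=b""):
    """Constructed Hello: header with a zero checksum, then body, then the checksum
    patched in (except for AuType 2, where the field stays 0 and a digest follows)."""
    body = HELLO_FIXED.pack(str2ip(mask), hello, options, priority, dead,
                            str2ip(dr), str2ip(bdr))
    body += b"".join(struct.pack("!I", str2ip(n)) for n in neighbors)
    header = OSPF_HEADER.pack(2, 1, OSPF_HEADER.size + len(body), str2ip(router_id),
                              str2ip(area_id), 0, autype, auth[:8].ljust(8, b"\x00"))
    packet = header + body
    if autype != 2:
        packet = packet[:12] + struct.pack("!H", ospf_checksum(packet)) + packet[14:]
    return packet


def parse_ospf(packet):
    """Header checks a receiver makes before trusting the packet, then Hello decoding.
    Raises ValueError for anything a router would silently drop."""
    if len(packet) < OSPF_HEADER.size:
        raise ValueError("truncated header")
    version, ptype, length, rid, area, _, autype, auth = OSPF_HEADER.unpack_from(packet)
    if version != 2:
        raise ValueError("not OSPFv2")
    if length != len(packet):
        raise ValueError("length field %d but %d bytes received" % (length, len(packet)))
    if autype != 2 and ospf_checksum(packet) != 0:
        raise ValueError("bad checksum")
    msg = {"type": PACKET_TYPES.get(ptype, "unknown"), "router_id": ip2str(rid),
           "area_id": ip2str(area), "autype": AU_TYPES.get(autype, "unknown"), "auth": auth}
    if ptype == 1:
        if len(packet) < OSPF_HEADER.size + HELLO_FIXED.size:
            raise ValueError("truncated Hello")
        mask, hello, opts, prio, dead, dr, bdr = HELLO_FIXED.unpack_from(packet, OSPF_HEADER.size)
        rest = packet[OSPF_HEADER.size + HELLO_FIXED.size:]
        if len(rest) % 4:
            raise ValueError("neighbor list is not a multiple of 4 bytes")
        msg.update(mask=ip2str(mask), hello_interval=hello, dead_interval=dead, priority=prio,
                   stub_area=not (opts & OPT_E_BIT), dr=ip2str(dr), bdr=ip2str(bdr),
                   neighbors=[ip2str(n) for (n,) in struct.iter_unpack("!I", rest)])
    return msg


def drop_reason(packet):
    """None if the packet parses, otherwise why a receiver would drop it."""
    try:
        parse_ospf(packet)
    except ValueError as e:
        return str(e)
    return None


def neighbor_compatible(local, remote):
    """Hello parameters on which two parsed Hellos disagree (RFC 2328, 10.5; the mask
    check applies on broadcast and NBMA segments). Empty list: they can become neighbors."""
    fields = ["area_id", "mask", "hello_interval", "dead_interval", "stub_area", "autype"]
    if local["autype"] == "Simple password":
        fields.append("auth")  # the cleartext key must match; Null has nothing to compare
    return sorted(f for f in fields if local[f] != remote[f])


def hello_state(our_rid, remote):
    """Init while the neighbor's Hello does not list us; 2-Way once it does."""
    return "2-Way" if our_rid in remote["neighbors"] else "Init"
```

Note what these checks do not establish: with AuType 0 or 1 any host on the segment can craft a Hello that passes every test here (a simple password is readable in the 8-byte field), so in practice the interface should run cryptographic authentication, whose keyed digest a receiver must verify before trusting the packet.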
Electing a designated router
All multi-access networks must have a DR. A BDR can also be selected. The backup
ensures there is no extended loss of routing capability if the DR fails.
The DR and BDR are selected using information contained in hello packets. Among the
eligible routers on a segment (priority greater than zero), the one with the highest OSPF
router priority becomes the DR; ties are broken by the highest RID. The same rule then
selects the BDR from the remaining routers, so the DR is never also the BDR. The election
is not preemptive: a router that joins the segment later with a higher priority does not
displace the existing DR.
After elected, the DR and BDR proceed to establish adjacencies with all routers on the
multi-access segment.
Establishing adjacencies and synchronizing databases
Neighboring routers are considered adjacent when they have synchronized their link state
databases. A router does not develop an adjacency with every neighboring device. On
multi-access networks, adjacencies are formed only with the DR and BDR. This is a two
step process.
Step 1: Database exchange process
The first phase of database synchronization is the database exchange process. This occurs
immediately after two neighbors attempt to establish an adjacency. The process consists
of an exchange of database description packets. The packets contain a list of the LSAs
stored in the local database.
During the database exchange process, the routers form a master/subordinate relationship.
The master is the first to transmit. Each packet is identified by a sequence number. Using
this sequence number, the subordinate acknowledges each database description packet
from the master. The subordinate also includes its own set of link state headers in the
acknowledgements.
Step 2: Database loading
During the database exchange process, each router notes the link state headers for which
the neighbor has a more recent instance (each LSA carries a sequence number, a checksum
and an age that identify the newer copy). After the process is complete, each router
requests the more recent information from the neighbor. This request is made with a link
state request packet.
When a router receives a link state request, it must reply with a set of link state update
packets providing the requested LSA. Each transmitted LSA is acknowledged by the
receiver. This process is similar to the reliable flooding procedure used to transmit
topology changes throughout the network.
Every LSA contains an age field indicating the time in seconds since the advertisement
was originated. The age keeps increasing after the LSA is installed in the topology
database, and it is incremented at each hop of the flooding process.
When the maximum age (MaxAge, 3600 seconds) is reached, the LSA is no longer used in
routing computations and is flushed from the link state database; to keep a valid LSA
alive, its originator re-floods it every 1800 seconds (LSRefreshTime). The age is also
used to distinguish between two otherwise identical copies of an advertisement.
OSPF neighbor state machine
The OSPF specification defines a set of neighbor states and the events that can cause a
neighbor to transition from one state to another. A state machine is used to describe these
transitions:
 Down: This is the initial state. It indicates that no recent information has been
received from any device on the segment.
 Attempt: This state is used on non-broadcast networks. It indicates that a neighbor
appears to be inactive. Attempts continue to reestablish contact.
 Init: Communication with the neighbor has started, but bidirectional
communication has not been established. Specifically, a hello packet was received
from the neighbor, but the local router was not listed in the neighbor's hello
packet.
 2-way: Bidirectional communication between the two routers has been
established. Adjacencies can be formed. Neighbors are eligible to be elected as
designated routers.
 ExStart: The neighbors are starting to form an adjacency; they decide which one is the
master and agree on the initial sequence number for the database description packets.
 Exchange: The two neighbors are describing their topology databases to each other with
database description packets.
 Loading: The two neighbors are requesting, with link state request packets, the LSAs
that the exchange showed to be missing or out of date.
 Full: The two neighbors are fully adjacent and their databases are synchronized.
OSPF virtual links and transit areas
Virtual links are used when a network does not support the standard OSPF network
topology. This topology defines a backbone area that directly connects to each additional
OSPF area. The virtual link addresses two conditions:
 It can logically connect the backbone area when it is not contiguous.
 It can connect an area to the backbone when a direct connection does not exist.
A virtual link is established between two ABRs sharing a common non-backbone area.
The link is treated as a point-to-point link. The common area is known as a transit area.
Figure 5-18 illustrates the interaction between virtual links and transit areas when used to
connect an area to the backbone.
This diagram shows that area 1 does not have a direct connection to the backbone. Area 2
can be used as a transit area to provide this connection. A virtual link is established
between the two ABRs located in area 2. Establishing this virtual link logically extends
the backbone area to connect to area 1.
A virtual link is used only to transmit routing information. It does not carry regular traffic
between the remote area and the backbone. This traffic, in addition to the virtual link
traffic, is routed using the standard intra-area routing within the transit area.
OSPF route redistribution
Route redistribution is the process of introducing external routes into an OSPF network.
These routes can be either static routes or routes learned through another routing
protocol. They are advertised into the OSPF network by an ASBR. These routes become
OSPF external routes. The ASBR advertises these routes by flooding OSPF AS external
LSAs throughout the entire OSPF network.
The routes describe an end-to-end path consisting of two portions:
 External portion: This is the portion of the path external to the OSPF network.
When these routes are distributed into OSPF, the ASBR assigns an initial cost.
This cost represents the external cost associated with traversing the external
portion of the path.
 Internal portion: This is the portion of the path internal to the OSPF network.
Costs for this portion of the network are calculated using standard OSPF
algorithms.
OSPF differentiates between two types of external routes. They differ in the way the cost
of the route is calculated. The ASBR is configured to redistribute the route as:
 External type 1: The total cost of the route is the sum of the external cost and any
internal OSPF costs.
 External type 2: The total cost of the route is always the external cost. This
ignores any internal OSPF costs required to reach the ASBR.
Figure 5-19 illustrates an example of the types of OSPF external routes.
In this example, the ASBR is redistributing the 10.99.5.0/24 route into the OSPF
network. This subnet is located within the RIP network. The route is announced into
OSPF with an external cost of 50. This represents the cost for the portion of the path
traversing the RIP network:
 If the ASBR redistributed the route as an E1 route, R1 will contain an external
route to this subnet with a cost of 60 (50 + 10). R2 will have an external route
with a cost of 65 (50 + 15).
 If the ASBR redistributed the route as an E2 route, both R1 and R2 will contain
an external route to this subnet with a cost of 50. Any costs associated with
traversing segments within the OSPF network are not included in the total cost to
reach the destination.
OSPF stub areas
OSPF allows certain areas to be defined as a stub area. A stub area is created when the
ABR connecting to a stub area excludes AS external LSAs from being flooded into the
area. This is done to reduce the size of the link state database maintained within the stub
area routers. Because there are no specific routes to external networks, routing to these
destinations is based on a default route generated by the ABR. The link state databases
maintained within the stub area contain only the default route and the routes from within
the OSPF environment (for example, intra-area and inter-area routes).
Because a stub area does not allow external LSAs, a stub area cannot contain an ASBR.
No external routes can be generated from within the stub area.
Stub areas are best deployed when there is a single exit point connecting the area to the
backbone. An area with multiple exit points can also be a stub area, but there is no
guarantee that packets leaving the area follow an optimal path: each ABR generates a
default route, and traffic cannot be steered toward a specific one of them.
All routers within the area must be configured for the stub area. This configuration is
verified through the exchange of hello packets (the E-bit of the Options field).
Not-so-stubby areas
An extension to the stub area concept is the not-so-stubby area (NSSA). An NSSA is
similar to a stub area in that the ABR servicing the NSSA does not flood any external
routes into the NSSA.
The only routes flooded into the NSSA are the default route and any other routes from
within the OSPF environment (for example, intra-area and inter-area).
However, unlike a stub area, an ASBR can be located within an NSSA. This ASBR can
generate external routes. Therefore, the link state databases maintained within the NSSA
contain the default route, routes from within the OSPF environment (for example, intra-
area and inter-area routes), and the external routes generated by the ASBR within the
area.
The ABR servicing the NSSA translates the external routes originated within the NSSA
(Type-7 LSAs) into ordinary AS external LSAs (Type-5) and floods them throughout the rest
of the OSPF network.
OSPF route summarization
Route summarization is the process of consolidating multiple contiguous routing entries
into a single advertisement. This reduces the size of the link state database and the IP
routing table. In an OSPF network, summarization is performed at a border router. There
are two types of summarization:
 Inter-area route summarization: Inter-area summarization is performed by the
ABR for an area. It is used to summarize route advertisements originating within
the area. The summarized route is announced into the backbone. The backbone receives the
aggregated route and announces the summary into other areas.
 External route summarization: This type of summarization applies specifically to
external routes injected into OSPF. This is performed by the ASBR distributing
the routes into the OSPF network.
Figure 5-20 illustrates an example of OSPF route summarization.
In this figure, the ASBR is advertising a single summary route for the 64 subnetworks
located in the RIP environment. This single summary route is flooded throughout the
entire OSPF network. In addition, the ABR is generating a single summary route for the
64 subnetworks located in area 1. This summary route is flooded through area 0 and area
2. Depending on the configuration of the ASBR, the inter-area summary route can also be
redistributed into the RIP network.
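Summarization as an added Python example that is not from the page: given the contiguous subnets of an area, it computes the single covering prefix an ABR or ASBR would advertise and lists the address space inside that prefix which the area does not actually contain. The 64 /24 networks under 10.1.0.0 are constructed input in the spirit of Figure 5-20.

```python
import ipaddress


def summarize(prefixes):
    """Return (summary, holes): the smallest single prefix covering every input network,
    and the parts of that prefix that none of the inputs actually cover."""
    nets = [ipaddress.ip_network(p, strict=True) for p in prefixes]
    if not nets:
        raise ValueError("nothing to summarize")
    lo = min(n.network_address for n in nets)
    hi = max(n.broadcast_address for n in nets)
    summary = ipaddress.ip_network(str(lo))   # start at lo/32 and widen until hi fits
    while hi not in summary:
        summary = summary.supernet()
    # Subtract the (collapsed) inputs from the summary. CIDR blocks are either nested or
    # disjoint, so each hole is either split by a covered block, swallowed by it, or kept.
    holes = [summary]
    for covered in ipaddress.collapse_addresses(nets):
        remaining = []
        for h in holes:
            if covered.subnet_of(h):
                remaining.extend(h.address_exclude(covered))
            elif not h.subnet_of(covered):
                remaining.append(h)
        holes = remaining
    return summary, sorted(holes)


if __name__ == "__main__":
    # Constructed area: 10.1.0.0/24 through 10.1.63.0/24, with one subnet missing.
    area1 = ["10.1.%d.0/24" % i for i in range(64) if i != 63]
    summary, holes = summarize(area1)
    print("advertise", summary, "uncovered:", [str(h) for h in holes])
```

The holes matter: a summary that covers space the area does not hold draws traffic for those addresses into the area, where it is dropped (implementations normally install a discard route for the summary so that such traffic is not forwarded back out along the default route and looped). Checking that the hole list is empty, or that every hole is space you own and have deliberately left idle, is a sensible pre-deployment test.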
A Basic OSPF Configuration
The three steps necessary to begin a basic OSPF process are
1. Determine the area to which each router interface will be attached.
2. Enable OSPF with the command router ospf process-id.
3. Assign the interfaces to their areas with network address wildcard-mask area area-id.
For example, the following configuration starts OSPF process 40 and places the interfaces
addressed 192.168.10.2 and 192.168.10.33 in area 192.168.10.0 (an area ID may be written
as a decimal number or in dotted form; the wildcard mask 0.0.0.0 matches exactly one
interface address):
router ospf 40
network 192.168.10.2 0.0.0.0 area 192.168.10.0
network 192.168.10.33 0.0.0.0 area 192.168.10.0
Short note Operation of OSPF
At a very high level, the operation of OSPF is easily explained:
1. OSPF-speaking routers send Hello packets out all OSPF-enabled interfaces. If
two routers sharing a common data link agree on certain parameters specified in
their respective Hello packets, they will become neighbors.
2. Adjacencies, which can be thought of as virtual point-to-point links, are formed
between some neighbors. OSPF defines several network types and several router
types. The establishment of an adjacency is determined by the types of routers
exchanging Hellos and the type of network over which the Hellos are exchanged.
3. Each router sends link-state advertisements (LSAs) over all adjacencies. The
LSAs describe all of the router's links, or interfaces, the router's neighbors, and
the state of the links. These links might be to stub networks (networks with no
other router attached), to other OSPF routers, to networks in other areas, or to
external networks (networks learned from another routing process). Because of
the varying types of link-state information, OSPF defines multiple LSA types.
4. Each router receiving an LSA from a neighbor records the LSA in its link-state
database and sends a copy of the LSA to all of its other neighbors.
5. By flooding LSAs throughout an area, all routers will build identical link-state
databases.
6. When the databases are complete, each router uses the SPF algorithm to calculate
a loop-free graph describing the shortest (lowest cost) path to every known
destination, with itself as the root. This graph is the SPF tree.
7. Each router builds its route table from its SPF tree.
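Steps 5 to 7 above, together with the E1/E2 cost rule from the external-route section, as an added Python example (not code from the page): a constructed link-state database is fed to Dijkstra's algorithm to build the SPF tree and the route table at each router, and AS-external routes are then costed as E1 and E2. The costs to the ASBR (10 from R1, 15 from R2) and the external cost of 50 follow Figure 5-19; the 10.1.x.0/24 stub networks and the R1-R2 link are assumptions added for the example.

```python
import heapq

# Constructed link-state database, not from the page: each router lists the cost of the
# links it originates (as its Router LSA would). Stub networks are leaf vertices named by
# prefix. Costs to the ASBR (10 from R1, 15 from R2) follow Figure 5-19.
LSDB = {
    "R1":   {"ASBR": 10, "R2": 20, "10.1.1.0/24": 1},
    "R2":   {"ASBR": 15, "R1": 20, "10.1.2.0/24": 1},
    "ASBR": {"R1": 10, "R2": 15},
}

# Constructed AS-external LSA content: (prefix, originating ASBR, external cost).
EXTERNALS = [("10.99.5.0/24", "ASBR", 50)]


def spf(lsdb, root):
    """Dijkstra over the LSDB. Returns (cost, parent): the shortest-path tree rooted at
    root, loop-free because every vertex is settled once, at its minimum cost."""
    cost, parent, heap, settled = {root: 0}, {}, [(0, root)], set()
    while heap:
        c, v = heapq.heappop(heap)
        if v in settled:
            continue
        settled.add(v)
        for nbr, w in lsdb.get(v, {}).items():
            if c + w < cost.get(nbr, float("inf")):
                cost[nbr], parent[nbr] = c + w, v
                heapq.heappush(heap, (c + w, nbr))
    return cost, parent


def route_table(lsdb, root):
    """Step 7: derive the route table from the SPF tree. Each destination maps to
    (next hop, cost); a directly attached stub network shows 'connected'."""
    cost, parent = spf(lsdb, root)
    table = {}
    for dest in cost:
        if dest == root:
            continue
        hop = dest
        while parent[hop] != root:      # walk back to the vertex just after the root
            hop = parent[hop]
        if hop == dest and dest not in lsdb:
            hop = "connected"
        table[dest] = (hop, cost[dest])
    return table


def external_routes(lsdb, root, externals, kind):
    """AS-external route cost at root. E1 adds the internal cost to the ASBR to the
    external cost; E2 uses the external cost alone and consults the internal cost to
    the ASBR only to break ties between ASBRs advertising the same prefix."""
    cost, _ = spf(lsdb, root)
    best = {}
    for prefix, asbr, ext in externals:
        if asbr not in cost:
            continue  # ASBR unreachable from here: the external route is unusable
        total = ext + cost[asbr] if kind == "E1" else ext
        key = (total, cost[asbr])
        if prefix not in best or key < best[prefix][0]:
            best[prefix] = (key, asbr)
    return {p: {"cost": k[0], "internal": k[1], "via_asbr": a} for p, (k, a) in best.items()}


if __name__ == "__main__":
    for router in ("R1", "R2"):
        print(router, route_table(LSDB, router))
        for kind in ("E1", "E2"):
            print(router, kind, external_routes(LSDB, router, EXTERNALS, kind))
```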
BGP
BGP performs interdomain routing in Transmission-Control Protocol/Internet Protocol
(TCP/IP) networks. BGP is an exterior gateway protocol (EGP), which means that it
performs routing between multiple autonomous systems or domains and exchanges
routing and reachability information with other BGP systems.
BGP was developed to replace its predecessor, the now obsolete Exterior Gateway
Protocol (EGP), as the standard exterior gateway-routing protocol used in the global
Internet. BGP solves serious problems with EGP and scales to Internet growth more
efficiently.
Figure 35-1 illustrates core routers using BGP to route traffic between autonomous
systems.
BGP Operation
BGP performs three types of routing: interautonomous system routing, intra-autonomous
system routing, and pass-through autonomous system routing.
Interautonomous system routing occurs between two or more BGP routers in different
autonomous systems. Peer routers in these systems use BGP to maintain a consistent
view of the internetwork topology. BGP neighbors in different autonomous systems are
normally directly connected on a shared network (eBGP multihop is the configured
exception). The Internet serves as an example of an entity that uses this type of
routing because it is comprised of autonomous systems or administrative domains. Many
of these domains represent the various institutions, corporations, and entities that
make up the Internet. BGP is frequently used to provide path determination and optimal
routing within the Internet.
Intra-autonomous system routing occurs between two or more BGP routers located
within the same autonomous system. Peer routers within the same autonomous system
use BGP to maintain a consistent view of the system topology. BGP also is used to
determine which router will serve as the connection point for specific external
autonomous systems. Once again, the Internet provides an example of interautonomous
system routing. An organization, such as a university, could make use of BGP to provide
optimal routing within its own administrative domain or autonomous system. The BGP
protocol can provide both inter- and intra-autonomous system routing services.
Pass-through autonomous system routing occurs between two or more BGP peer routers
that exchange traffic across an autonomous system that does not run BGP. In a pass-
through autonomous system environment, the BGP traffic did not originate within the
autonomous system in question and is not destined for a node in the autonomous system.
BGP must interact with whatever intra-autonomous system routing protocol is being used
to successfully transport BGP traffic through that autonomous system. Figure 35-2
illustrates a pass-through autonomous system environment:
BGP Routing
As with any routing protocol, BGP maintains routing tables, transmits routing updates,
and bases routing decisions on routing metrics. The primary function of a BGP system is
to exchange network-reachability information, including information about the list of
autonomous system paths, with other BGP systems. This information can be used to
construct a graph of autonomous system connectivity from which routing loops can be
pruned and with which autonomous system-level policy decisions can be enforced.
Each BGP router maintains a routing table that lists all feasible paths to a particular
network. The router does not refresh the routing table, however. Instead, routing
information received from peer routers is retained until an incremental update is received.
BGP devices exchange routing information upon initial data exchange and after
incremental updates. When a router first connects to the network, BGP routers exchange
their entire BGP routing tables. Similarly, when the routing table changes, routers send
the portion of their routing table that has changed. BGP routers do not send regularly
scheduled routing updates, and BGP routing updates advertise only the optimal path to a
network.
BGP does not use a single hop-count or bandwidth metric the way an interior protocol
does. It chooses among the feasible paths to a prefix with an ordered comparison of path
attributes: a locally assigned degree of preference (LOCAL_PREF) first, then the shorter
AS path, then the multi-exit discriminator, then the interior cost of reaching the next
hop, among other tie-breakers. The degree of preference is set by the network
administrator's policy and can be based on any number of criteria, including the number
of autonomous systems through which the path passes, stability, speed, delay, or cost.
BGP Message Types
The open message opens a BGP communications session between peers and is the first
message sent by each side after a transport-protocol connection is established. Open
messages are confirmed using a keep-alive message sent by the peer device and must be
confirmed before updates, notifications, and keep-alives can be exchanged.
An update message is used to provide routing updates to other BGP systems, allowing
routers to construct a consistent view of the network topology. Updates are sent using the
Transmission-Control Protocol (TCP) to ensure reliable delivery. Update messages can
withdraw one or more unfeasible routes from the routing table and simultaneously can
advertise a route while withdrawing others.
The notification message is sent when an error condition is detected. Notifications are
used to close an active session and to inform any connected routers of why the session is
being closed.
The keep-alive message notifies BGP peers that a device is active. Keep-alives are sent
often enough to keep the sessions from expiring.
BGP Packet Formats
Header Format
All BGP message types use the basic packet header. Open, update, and notification
messages have additional fields, but keep-alive messages use only the basic packet
header. Figure 35-3 illustrates the fields used in the BGP header. The section that follows
summarizes the function of each field.
BGP Packet-Header Fields
Each BGP packet contains a header whose primary purpose is to identify the function of
the packet in question. The following descriptions summarize the function of each field in
the BGP header illustrated in Figure 35-3.
• Marker: In the original specification this field carried an authentication value the
receiver could predict; in BGP-4 as currently specified (RFC 4271) it is always set to
all ones, and protection of the session is left to the transport (TCP MD5 or TCP-AO)
and to prefix filtering.
• Length: Indicates the total length of the message in bytes, header included (19 to 4096).
• Type: Specifies the message type as one of the following:
— Open
— Update
— Notification
— Keep-alive
• Data: Optional; carries the type-specific fields that follow the header.
Open Message Format
BGP open messages are comprised of a BGP header and additional fields. Figure 35-4
illustrates the additional fields used in BGP open messages.
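The header fields above, as an added Python example that is not from the page: it builds KEEPALIVE and OPEN messages using the RFC 4271 layouts (16-byte marker of all ones, 2-byte length, 1-byte type; OPEN adds version, 2-octet AS number, hold time, BGP identifier and optional parameters) and performs the header checks a receiving speaker makes before looking at the body, reporting the Message Header Error subcode it would put in a NOTIFICATION. The AS number, hold time and identifier are constructed values.

```python
import struct

# BGP-4 message header, 19 bytes (RFC 4271, 4.1): 16-byte Marker, 2-byte Length, 1-byte Type.
BGP_HEADER = struct.Struct("!16sHB")
MARKER = b"\xff" * 16            # RFC 4271: all ones; no longer an authentication value
MIN_LEN, MAX_LEN = 19, 4096
BGP_TYPES = {1: "OPEN", 2: "UPDATE", 3: "NOTIFICATION", 4: "KEEPALIVE"}
# OPEN fixed part, 10 bytes (RFC 4271, 4.2): Version, My Autonomous System, Hold Time,
# BGP Identifier, Optional Parameters Length; the optional parameters follow.
OPEN_FIXED = struct.Struct("!BHHIB")


def ip2str(n):
    return ".".join(str((n >> s) & 0xFF) for s in (24, 16, 8, 0))


def str2ip(s):
    return struct.unpack("!I", bytes(int(o) for o in s.split(".")))[0]


class BGPHeaderError(ValueError):
    """NOTIFICATION error code 1 (Message Header Error) with its RFC 4271 subcode:
    1 Connection Not Synchronized, 2 Bad Message Length, 3 Bad Message Type."""
    def __init__(self, subcode, text):
        super().__init__("Message Header Error/%d: %s" % (subcode, text))
        self.subcode = subcode


def build_keepalive():
    """A KEEPALIVE is the bare header."""
    return BGP_HEADER.pack(MARKER, BGP_HEADER.size, 4)


def build_open(my_as, hold_time, bgp_id, opt_params=b""):
    """Constructed OPEN. The AS field is 2 octets; a 4-octet ASN would carry AS_TRANS
    (23456) here and the real number in a capability among the optional parameters."""
    body = OPEN_FIXED.pack(4, my_as, hold_time, str2ip(bgp_id), len(opt_params)) + opt_params
    return BGP_HEADER.pack(MARKER, BGP_HEADER.size + len(body), 1) + body


def parse_bgp(msg):
    """Header checks a receiver performs before looking at the body, then OPEN decoding."""
    if len(msg) < MIN_LEN:
        raise BGPHeaderError(2, "fewer than %d bytes" % MIN_LEN)
    marker, length, mtype = BGP_HEADER.unpack_from(msg)
    if marker != MARKER:
        raise BGPHeaderError(1, "Connection Not Synchronized")
    if not MIN_LEN <= length <= MAX_LEN or length != len(msg):
        raise BGPHeaderError(2, "Bad Message Length %d" % length)
    if mtype not in BGP_TYPES:
        raise BGPHeaderError(3, "Bad Message Type %d" % mtype)
    body = msg[BGP_HEADER.size:]
    out = {"type": BGP_TYPES[mtype], "length": length}
    if mtype == 4 and body:
        raise BGPHeaderError(2, "KEEPALIVE must be exactly %d bytes" % MIN_LEN)
    if mtype == 1:
        if len(body) < OPEN_FIXED.size:
            raise BGPHeaderError(2, "OPEN shorter than its fixed part")
        version, my_as, hold, bgp_id, optlen = OPEN_FIXED.unpack_from(body)
        if version != 4:
            raise ValueError("OPEN Message Error: Unsupported Version Number %d" % version)
        if hold != 0 and hold < 3:   # RFC 4271: hold time is 0 or at least 3 seconds
            raise ValueError("OPEN Message Error: Unacceptable Hold Time %d" % hold)
        if len(body) != OPEN_FIXED.size + optlen:
            raise BGPHeaderError(2, "Optional Parameters Length disagrees with message length")
        out.update(version=version, my_as=my_as, hold_time=hold, bgp_id=ip2str(bgp_id),
                   opt_params=body[OPEN_FIXED.size:])
    return out


def reject_reason(msg):
    """None if the message is acceptable, otherwise the error a receiver would report."""
    try:
        parse_bgp(msg)
    except ValueError as e:
        return str(e)
    return None
```

Because the marker carries no authentication in BGP-4, these checks establish only that the peer is speaking BGP, not who it is: session integrity comes from TCP MD5 (RFC 2385) or TCP-AO, and what a peer may announce is enforced by prefix and AS-path filters applied to its UPDATEs, not by anything in the header.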